CVE-2025-47179

Published Nov 11, 2025

Last updated 4 months ago

CVSS medium 6.7

Overview

Description
Improper access control in Microsoft Configuration Manager allows an authorized attacker to elevate privileges locally.
Source
secure@microsoft.com
NVD status
Analyzed
Products
configuration_manager_2403, configuration_manager_2409, configuration_manager_2503

Risk scores

CVSS 3.1

Type
Primary
Base score
6.7
Impact score
5.9
Exploitability score
0.8
Vector string
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Severity
MEDIUM

Weaknesses

secure@microsoft.com
CWE-284

Social media

Hype score
Not currently trending

  1. SCCM admins: review your roles. MSSQL admins: review ALTER ANY LOGIN exposure. @_Mayyhem details CVE-2025-47179 & CVE-2025-49758 and how these escalations can be identified through graph analysis. Check out his blog post for more! https://t.co/M2q6TeMGh1

    @SpecterOps

    15 Jan 2026

    3294 Impressions

    29 Retweets

    58 Likes

    24 Bookmarks

    0 Replies

    0 Quotes

Configurations

Related CVEs

  1. Authentication bypass by spoofing in Microsoft Configuration Manager allows an authorized attacker to perform spoofing over an adjacent network.CVE-2025-59501
  2. Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an unauthorized attacker to elevate privileges over an adjacent network.CVE-2025-59213
  3. Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an authorized attacker to elevate privileges locally.CVE-2025-55320
  4. Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an authorized attacker to execute code over an adjacent network.CVE-2025-47178
  5. Microsoft Configuration Manager SQL Injection VulnerabilityCVE-2024-43468

References

Sources include official advisories and independent security research.