- Description
- Azure Bastion Elevation of Privilege Vulnerability
- Source
- secure@microsoft.com
- NVD status
- Analyzed
- CNA Tags
- exclusively-hosted-service
- Products
- azure_bastion_developer
CVSS 3.1
- Type
- Secondary
- Base score
- 10
- Impact score
- 6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L
- Severity
- CRITICAL
- secure@microsoft.com
- CWE-294
- Hype score
- Not currently trending
A critical vulnerability in Azure Bastion allows attackers to bypass authentication and gain full control. Discover how CVE-2025-49752 can lead to VM compromise and lateral movement within your Azure environment. https://t.co/LiJbUN16pG
@chicom9
24 Jan 2026
118 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 ALERTA CRÍTICA (1 dic 2025) - Azure Bastion → CVE-2025-49752 (CVSS 10.0) → acceso total a tus VMs sin credenciales - GlobalProtect → https://t.co/pGHtbI1xHt No es teoría, ya está pasando.
@Juansemaraon
1 Dec 2025
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
1 Quote
🚨 Critical Azure Bastion flaw (CVE-2025-49752, CVSS 10) lets attackers replay tokens and gain full admin access to VMs with no authentication. All SKUs were vulnerable before the Nov 20 patch, verify now. Full advisory: 👉https://t.co/I9JkCOHEAF #Azure #CyberSecurity https:/
@sequretek_sqtk
28 Nov 2025
37 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical Azure Bastion Privilege Escalation (CVE-2025-49752) - Patch now! Attackers can elevate privileges without authentication. Secure your cloud infrastructure ASAP → https://t.co/MNfQ5bV4i0 #Azure #CloudSecurity https://t.co/SIhJ0EniOy
@rapidriskradar
27 Nov 2025
42 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#securityupdate #microsoft #定例外 2025.11.21 Azure Bastion の特権昇格の脆弱性 CVE-2025-49752 Security Vulnerability リリース日: 2025年11月20日 最終更新日: 2025年11月21日 - マイクロソフト https://t.co/QDEmJWfWoY
@kawn2020
24 Nov 2025
57 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
1 Quote
Azure Bastionに深刻な認証回避の脆弱性が見つかり(CVE-2025-49752)、遠隔から管理者権限を奪取される恐れがあるとして、利用企業に緊急対応が求められている。攻撃は単一リクエストで成立し、全仮想マシンが危
@yousukezan
23 Nov 2025
4320 Impressions
11 Retweets
34 Likes
16 Bookmarks
0 Replies
2 Quotes
Azure Bastion CVE-2025-49752 CVSS Score: 10/10 Affected: All Azure Bastion deployments prior to the security update released on November 20, 2025 https://t.co/vyKHRP27cy
@sectoriumx
22 Nov 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Alerta crítica en #Azure Bastion 🚨 Microsoft confirma vulnerabilidad CVE-2025-49752 (CVSS 10.0) que permite bypass de autenticación y escalada a privilegios administrativos con una sola petición de red. 🔒 Parche liberado el 20 de noviembre 2025 → No afectó en
@SoyITPro
21 Nov 2025
2210 Impressions
6 Retweets
29 Likes
4 Bookmarks
0 Replies
0 Quotes
Azure Bastion CVE-2025-49752 👀 CVSS Score: 10/10 Affected: All Azure Bastion deployments prior to the security update released on November 20, 2025 https://t.co/MTpd2zaxeL
@0x534c
21 Nov 2025
16903 Impressions
37 Retweets
108 Likes
66 Bookmarks
1 Reply
0 Quotes
🚨 CRITICAL: CVE-2025-49752 in Azure Bastion Developer enables auth bypass via capture-replay attacks—no patch yet! Restrict access, monitor logs, and enable MFA. Act now to protect cloud VMs. https://t.co/2XaRJF1Pgp... https://t.co/6VAMz2eRKj
@offseq
21 Nov 2025
94 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
1 Quote
[CVE-2025-49752: CRITICAL] Azure Bastion Elevation of Privilege Vulnerability#cve,CVE-2025-49752,#cybersecurity https://t.co/dwcnnrhals https://t.co/WYdhLpdBwy
@CveFindCom
20 Nov 2025
75 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:azure_bastion_developer:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4B68077-90CE-41F2-ADE8-64D1C897EBC9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]