CVE-2025-29976
published 2025-05-13CVE-2025-29976: Improper privilege management in Microsoft Office SharePoint allows an authorized attacker to elevate privileges locally.
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
Improper privilege management in Microsoft Office SharePoint allows an authorized attacker to elevate privileges locally.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | microsoft_sharepoint_enterprise_server_2016 | >= 16.0.0 < 16.0.5500.1001 | 16.0.5500.1001 |
| microsoft | microsoft_sharepoint_server_2019 | >= 16.0.0 < 16.0.10417.20010 | 16.0.10417.20010 |
| microsoft | microsoft_sharepoint_server_subscription_edition | >= 16.0.0 < 16.0.18526.20286 | 16.0.18526.20286 |
| microsoft | sharepoint_server | < 16.0.18526.20286 | 16.0.18526.20286 |
| microsoft | sharepoint_server | — | — |
| microsoft | sharepoint_server | — | — |
| msrc | microsoft_sharepoint_enterprise_server_2016 | — | — |
| msrc | microsoft_sharepoint_server_2019 | — | — |
| msrc | microsoft_sharepoint_server_subscription_edition | — | — |