CVE-2025-47179
published 2025-11-11CVE-2025-47179: Improper access control in Microsoft Configuration Manager allows an authorized attacker to elevate privileges locally.
PriorityP335medium6.7CVSS 3.1
AVLACLPRHUINSUCHIHAH
EPSS
0.33%
24.5th percentile
Improper access control in Microsoft Configuration Manager allows an authorized attacker to elevate privileges locally.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | configuration_manager_2403 | < 5.00.9128.1037 | 5.00.9128.1037 |
| microsoft | configuration_manager_2409 | < 5.00.9132.1031 | 5.00.9132.1031 |
| microsoft | configuration_manager_2503 | < 5.0.9135.1013 | 5.0.9135.1013 |
| microsoft | microsoft_configuration_manager | >= 1.0.0 < 5.00.9128.1037 | 5.00.9128.1037 |
| microsoft | microsoft_configuration_manager_2409 | >= 1.0.0 < 5.00.9132.1031 | 5.00.9132.1031 |
| msrc | microsoft_configuration_manager_2403 | — | — |
| msrc | microsoft_configuration_manager_2409 | — | — |
| msrc | microsoft_configuration_manager_2503 | — | — |
CVSS provenance
nvdv3.16.7MEDIUMCVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
vendor_msrc6.7MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Microsoft
Configuration Manager Elevation of Privilege Vulnerability
vendor_msrc·2025-11-11·CVSS 6.7
CVE-2025-47179 [MEDIUM] CWE-284 Configuration Manager Elevation of Privilege Vulnerability
Configuration Manager Elevation of Privilege Vulnerability
Description: Improper access control in Microsoft Configuration Manager allows an authorized attacker to elevate privileges locally.
FAQ: How could an attacker exploit this vulnerability?
An attacker with access to any user account assigned the built-in CMPivot Administrator security role could exploit this vulnerability by escalating privileges. Specifically, they could assign themselves—or another account—the Full Administrator role (or any other elevated role), or modify existing role permissions. This would allow them to bypass intended security boundaries and gain unrestricted access across the hierarchy.
FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability?
An authorized attacker
GHSA
GHSA-fhx9-g9rq-h389: Improper access control in Microsoft Configuration Manager allows an authorized attacker to elevate privileges locally
ghsa_unreviewed·2025-11-11
CVE-2025-47179 [MEDIUM] CWE-284 GHSA-fhx9-g9rq-h389: Improper access control in Microsoft Configuration Manager allows an authorized attacker to elevate privileges locally
Improper access control in Microsoft Configuration Manager allows an authorized attacker to elevate privileges locally.
No detection rules found.
No public exploits indexed.
2025-11-11
Published