CVE-2025-59213
Published 2025-10-14
CVE-2025-59213: Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an unauthorized attacker to…
Priority P3 · 57 · high · 8.8 (CVSS 3.1)
AV:A / AC:L / PR:N / UI:N / S:U / C:H / I:H / A:H
EPSS: 0.34% (25.4th percentile)
Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an unauthorized attacker to elevate privileges over an adjacent network.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | configuration_manager_2403 | < 5.00.9128.1035 | 5.00.9128.1035 |
| microsoft | configuration_manager_2409 | < 5.00.9132.1029 | 5.00.9132.1029 |
| microsoft | configuration_manager_2503 | < 5.00.9135.1008 | 5.00.9135.1008 |
| microsoft | microsoft_configuration_manager | >= 1.0.0 < 5.00.9135.1008 | 5.00.9135.1008 |
| microsoft | microsoft_configuration_manager_2409 | >= 1.0.0 < 5.00.9132.1029 | 5.00.9132.1029 |
| msrc | microsoft_configuration_manager_2403 | — | — |
| msrc | microsoft_configuration_manager_2409 | — | — |
| msrc | microsoft_configuration_manager_2503 | — | — |
CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 8.8 | HIGH | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| vendor_msrc | — | 8.8 | HIGH | — |
GHSA
GHSA-hrc2-g2w7-74hg: Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an unauthorized attacke
ghsa_unreviewed · 2025-10-14
CVE-2025-59213 [HIGH] CWE-89 GHSA-hrc2-g2w7-74hg: Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an unauthorized attacke
Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an unauthorized attacker to elevate privileges locally.
Microsoft
Configuration Manager Elevation of Privilege Vulnerability
vendor_msrc · 2025-10-14 · CVSS 8.8
CVE-2025-59213 [HIGH] CWE-89 Configuration Manager Elevation of Privilege Vulnerability
Description: Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an unauthorized attacker to elevate privileges over an adjacent network.
FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability?
An authorized attacker who successfully exploited this vulnerability could gain configuration manager administrator privileges.
FAQ: How could an attacker exploit this vulnerability?
An attacker could exploit this vulnerability by injecting malicious SQL into the DuplicateAMTMachineRecord method.
Product: Microsoft Configuration Manager
Vendor: Microsoft
Customer Action Required: Yes
Impact: E
No detection rules found.
No public exploits indexed.
Published: 2025-10-14