Microsoft Service Fabric vulnerabilities

CVE-2025-21195 [MEDIUM] CWE-59 CVE-2025-21195: Improper link resolution before file access ('link following') in Service Fabric allows an authorize Improper link resolution before file access ('link following') in Service Fabric allows an authorized attacker to elevate privileges locally.

CVE-2022-30137 [MEDIUM] CVE-2022-30137: Executive Summary An Elevation of Privilege (EOP) vulnerability has been identified within Service F Executive Summary An Elevation of Privilege (EOP) vulnerability has been identified within Service Fabric clusters that run Docker containers. Exploitation of this EOP vulnerability requires an attacker to gain remote code execution within a container. All Service Fabric and Docker versions are impacted.

CVE-2020-0902 [CRITICAL] CVE-2020-0902: An elevation of privilege vulnerability exists in Service Fabric File Store Service under certain co An elevation of privilege vulnerability exists in Service Fabric File Store Service under certain conditions, aka 'Service Fabric Elevation of Privilege'.