CVE-2025-49707NVD

Improper access control in Azure Virtual Machines allows an authorized attacker to perform spoofing locally.

Severity Level

HIGH(7.9)

Published Date

Aug 12, 2025

Last Modified

Aug 20, 2025

Exploitation Status

????

EPSS Score (30-Day)

Data Pending

Root Weakness (CWE)

Refer to the official MITRE database for detailed architectural specifications regarding this weakness.

CVSS v3.1 Base Metrics

Attack VectorLocal

Attack ComplexityLow

Privileges RequiredHigh

User InteractionNone

ScopeChanged

ConfidentialityHigh

IntegrityHigh

AvailabilityNone

CVE Watchtower