CVE-2024-37325

CVSS 3.1 Score 8.1 of 10 (high)

Details

Published Jun 11, 2024
Updated: Jun 13, 2024
CWE ID 200

Summary

CVE-2024-37325 is an elevation of privilege vulnerability affecting Azure Science Virtual Machines (DSVMs). The issue permits an attacker to escalate their privileges, potentially gaining administrator access to the DSVM. Successful exploitation could result in unauthorized modification or deletion of data, installation of unauthorized software, and other malicious activities. Microsoft has released a security update to address the vulnerability, and it is recommended that all DSVM users apply the patch as soon as possible to mitigate the risk. Failure to address this issue may expose sensitive data and systems to unauthorized access.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share