CVE-2024-37325
CVSS 3.1 Score 8.1 of 10 (high)
Details
Summary
CVE-2024-37325 is an elevation of privilege vulnerability affecting Azure Science Virtual Machines (DSVMs). The issue permits an attacker to escalate their privileges, potentially gaining administrator access to the DSVM. Successful exploitation could result in unauthorized modification or deletion of data, installation of unauthorized software, and other malicious activities. Microsoft has released a security update to address the vulnerability, and it is recommended that all DSVM users apply the patch as soon as possible to mitigate the risk. Failure to address this issue may expose sensitive data and systems to unauthorized access.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.