Skip to main content

Microsoft Configuration Manager CVE-2026-47301

| EUVDEUVD-2026-44352 HIGH
Improper Access Control (CWE-284)
2026-07-14 microsoft GHSA-c9fw-992q-vr57
8.8
CVSS 3.1 · Vendor: microsoft
Temporal: 7.7
Share

Severity by source

Vendor (microsoft) PRIMARY
8.8 HIGH
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CIRCL (temporal)
7.7 HIGH
cvss
vuln.today AI
8.8 HIGH

Network-reachable escalation from an existing low-privileged authorized account (PR:L), no user interaction, low complexity, with full compromise of the ConfigMgr system.

3.1 AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
4.0 AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (microsoft).

CVSS VectorVendor: microsoft

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

2
Analysis Generated
Jul 14, 2026 - 20:11 vuln.today
CVE Published
Jul 14, 2026 - 18:45 nvd
HIGH 8.8

DescriptionCVE.org

Improper access control in Microsoft Configuration Manager allows an authorized attacker to elevate privileges over a network.

AnalysisAI

Privilege escalation in Microsoft Configuration Manager (versions 2509 and 2603) lets an already-authorized, low-privileged network user gain elevated privileges due to improper access control. Rated CVSS 8.8, the flaw yields full confidentiality, integrity, and availability impact and is remotely reachable, though it requires existing valid low-level access. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Obtain low-privileged ConfigMgr access
Delivery
Send crafted request over network
Exploit
Bypass improper access-control check
Execution
Elevate privileges on ConfigMgr system
Impact
Gain High confidentiality/integrity/availability control

Vulnerability AssessmentAI

Exploitation Exploitation requires the attacker to already hold low-level authorized access to Microsoft Configuration Manager (CVSS PR:L), reachable over the network (AV:N) with low complexity (AC:L) and no user interaction (UI:N). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 3.1 vector (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) describes a network-reachable, low-complexity attack needing only low existing privileges and no user interaction, with total impact on the compromised system - a genuinely high-priority profile for any environment running ConfigMgr, since the product's central role amplifies the blast radius. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker who has obtained low-privileged but authorized access to a ConfigMgr environment (e.g., a limited operator account or a foothold on a managed client) sends crafted requests over the network to the Configuration Manager service, abusing the improper access-control check to perform actions beyond their assigned role. Because scope is unchanged but confidentiality, integrity, and availability impact are all High, the attacker escalates to elevated control of the ConfigMgr system, potentially pivoting to broader domain compromise. …
Remediation Patch available per vendor advisory - apply the Microsoft-provided update for Configuration Manager referenced at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47301, prioritizing site servers and the 2509 and 2603 branches. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours, identify all systems running Configuration Manager versions 2509 and 2603 and assess network exposure to low-privileged users. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-47301 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy