Skip to main content

Partner Center

2 CVEs product

Monthly

CVE-2025-29814 CRITICAL Act Now

Improper authorization in Microsoft Partner Center allows an authorized attacker to elevate privileges over a network. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 18.9% and no vendor patch available.

Microsoft Information Disclosure Partner Center
NVD
CVSS 3.1
9.3
EPSS
18.9%
CVE-2024-49035 CRITICAL KEV THREAT Act Now

An improper access control vulnerability in Partner.Microsoft.com allows an a unauthenticated attacker to elevate privileges over a network. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Partner Center
NVD
CVSS 3.1
9.8
EPSS
1.3%
EPSS 19% CVSS 9.3
CRITICAL Act Now

Improper authorization in Microsoft Partner Center allows an authorized attacker to elevate privileges over a network. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 18.9% and no vendor patch available.

Microsoft Information Disclosure Partner Center
NVD
EPSS 1% CVSS 9.8
CRITICAL KEV THREAT Act Now

An improper access control vulnerability in Partner.Microsoft.com allows an a unauthenticated attacker to elevate privileges over a network. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Partner Center
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy