CVE-2025-21416

azure_virtual_desktop vulnerability - microsoft

High CVSS Score: 8.5 Published: 2025-04-30

Description

Missing authorization in Azure Virtual Desktop allows an authorized attacker to elevate privileges over a network.

Affected Systems

Vendor microsoft
Product azure_virtual_desktop
Affected Versions -
CWE ID CWE-862

Mitigation

Apply the latest security patches from the vendor, restrict network exposure where applicable, and monitor for exploitation attempts.

Fix Instructions

Refer to the vendor advisory and apply the latest security updates. See references for detailed patching instructions.

References

Risk Assessment

CVSS: 8.5/10

Exploit Available Unknown
Patch Available Yes

Need Help Patching?

Our security team can help assess and remediate this vulnerability in your environment.

Get Help

Related Vulnerabilities

high

CVE-2025-30389

azure_ai_bot_service...
critical

CVE-2025-30392

azure_ai_bot_service...
critical

CVE-2025-30390

azure_machine_learning...

Stay Ahead of Threats

Subscribe to our vulnerability feed and get instant alerts when new CVEs affect your systems.

Start Monitoring