CyberSecurity

on October 14, 2025 at 7:00 am — CVE-2025-47989 Azure Connected Machine Agent Elevation of Privilege Vulnerability

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally.

on October 14, 2025 at 7:00 am — CVE-2025-47989 Azure Connected Machine Agent Elevation of Privilege Vulnerability Read More »

on October 14, 2025 at 7:00 am — CVE-2025-48004 Microsoft Brokering File System Elevation of Privilege Vulnerability

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

Use after free in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally.

on October 14, 2025 at 7:00 am — CVE-2025-48004 Microsoft Brokering File System Elevation of Privilege Vulnerability Read More »

on October 14, 2025 at 7:00 am — CVE-2025-50174 Windows Device Association Broker Service Elevation of Privilege Vulnerability

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

Use after free in Windows Device Association Broker service allows an authorized attacker to elevate privileges locally.

on October 14, 2025 at 7:00 am — CVE-2025-50174 Windows Device Association Broker Service Elevation of Privilege Vulnerability Read More »

on October 14, 2025 at 7:00 am — CVE-2025-53782 Microsoft Exchange Server Elevation of Privilege Vulnerability

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

Incorrect implementation of authentication algorithm in Microsoft Exchange Server allows an unauthorized attacker to elevate privileges locally.

on October 14, 2025 at 7:00 am — CVE-2025-53782 Microsoft Exchange Server Elevation of Privilege Vulnerability Read More »

on October 14, 2025 at 7:00 am — CVE-2025-55247 .NET Elevation of Privilege Vulnerability

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

Improper link resolution before file access (‘link following’) in .NET allows an authorized attacker to elevate privileges locally.

on October 14, 2025 at 7:00 am — CVE-2025-55247 .NET Elevation of Privilege Vulnerability Read More »

on October 13, 2025 at 7:00 am — CVE-2025-0033 AMD CVE-2025-0033: RMP Corruption During SNP Initialization

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

Microsoft is aware of [AMD-SB-3020 | CVE-2025-0033](http://https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3020.html) disclosed by AMD on October 13, 2025. CVE-2025-0033 is a vulnerability in AMD EPYC processors using Secure Encrypted Virtualization – Secure Nested Paging (SEV-SNP). It involves a race condition during Reverse Map Table (RMP) initialization that could allow a malicious or compromised hypervisor to modify RMP entries before

on October 13, 2025 at 7:00 am — CVE-2025-0033 AMD CVE-2025-0033: RMP Corruption During SNP Initialization Read More »

on October 9, 2025 at 4:08 pm — Chromium: CVE-2025-11458 Heap buffer overflow in Sync

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202[SS9.1]5) for more information.

on October 9, 2025 at 4:08 pm — Chromium: CVE-2025-11458 Heap buffer overflow in Sync Read More »