CVE-2025-59501: Microsoft Configuration Manager Elevation of Privilege Vulnerability

CVE-2025-59503: Azure Compute Resource Provider Elevation of Privilege Vulnerability

CVE-2025-59500: Azure Notification Service Elevation of Privilege Vulnerability

CVE-2025-59273: Azure Event Grid System Elevation of Privilege Vulnerability

CVE-2025-11756: Chromium: CVE-2025-11756 Use after free in Safe Browsing

**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?**

For the vulnerability, this means the exploitation requires a specific and uncommon condition: an Active Directory user account must exist with a matching user principal name (UPN) that was not properly synchronized to Microsoft Entra ID.

Headline

CVE-2025-59501: Microsoft Configuration Manager Elevation of Privilege Vulnerability

Microsoft Security Response Center: Latest News