Microsoft: >> Configuration Manager 2403 Security Vulnerabilities
Improper access control in Microsoft Configuration Manager allows an authorized attacker to elevate privileges locally.
CVSS Score
6.7
EPSS Score
0.001
Published
2025-11-11
Authentication bypass by spoofing in Microsoft Configuration Manager allows an authorized attacker to perform spoofing over an adjacent network.
CVSS Score
4.8
EPSS Score
0.003
Published
2025-10-31
Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an unauthorized attacker to elevate privileges over an adjacent network.
CVSS Score
8.8
EPSS Score
0.003
Published
2025-10-14
Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an authorized attacker to elevate privileges over an adjacent network.
CVSS Score
6.8
EPSS Score
0.003
Published
2025-10-14
CVE-2024-43468
Microsoft Configuration Manager Remote Code Execution Vulnerability
Known exploited
CVSS Score
9.8
EPSS Score
0.875
Published
2024-10-08