Cyber Resilience

CVE-2025-49746

Critical

Published: 18 July 2025

Modified: 14 August 2025
KEV Added: not listed
Patch: see vendor advisory
CVSS Score (v3.1): 9.9, vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
EPSS Score: 0.0144 (81.2 percentile)
Risk Priority: 21 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2025-49746 is a critical-severity Improper Authorization (CWE-285) vulnerability in Microsoft Azure Machine Learning. Its CVSS base score is 9.9 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE ranks in the top 18.8% of CVEs by exploit likelihood (EPSS) and is not currently listed in the CISA KEV catalog.

This vulnerability is AI-related: it is categorised under Other Platforms, and its risk domain is recorded as Not Applicable.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and AC-6 (Least Privilege).

Deeper analysis

CVE-2025-49746 is an improper authorization vulnerability, tracked under CWE-285, that affects Azure Machine Learning. The flaw carries a CVSS 3.1 base score of 9.9 and permits an authorized attacker to perform privilege escalation across a network, with impacts spanning confidentiality, integrity, and availability under changed scope.

An attacker who already possesses valid credentials can exploit the weakness remotely without user interaction to elevate privileges and obtain broader control over Azure Machine Learning resources and dependent workloads.

The associated Microsoft Security Response Center advisory at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49746 provides official guidance and remediation details. Exploitation probability remains low, with an EPSS score that has stayed near 0.015 and shows no material upward movement since disclosure; the issue is directly relevant to machine-learning environments hosted in Azure.


Vulnerability details

Improper authorization in Azure Machine Learning allows an authorized attacker to elevate privileges over a network.

CWE(s): CWE-285 Improper Authorization

AI Security Analysis

AI Category: Other Platforms
Risk Domain: Not Applicable
OWASP Top 10 for LLMs 2025: none mapped
Classification Reason: matched keywords "machine learning"

Related Threats

MITRE ATT&CK Enterprise Techniques

T1068 Exploitation for Privilege Escalation (tactic: Privilege Escalation)
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

The improper authorization vulnerability enables privilege escalation via exploitation of the Azure Machine Learning service, directly mapping to T1068: Exploitation for Privilege Escalation.

CVEs Like This One

CVE-2025-49747 (same product: Microsoft Azure Machine Learning)
CVE-2025-47995 (same product: Microsoft Azure Machine Learning)
CVE-2025-53795 (same vendor: Microsoft)
CVE-2026-27912 (same vendor: Microsoft)
CVE-2026-32207 (same product: Microsoft Azure Machine Learning)
CVE-2025-24053 (same vendor: Microsoft)
CVE-2025-21275 (same vendor: Microsoft)
CVE-2025-21400 (same vendor: Microsoft)
CVE-2025-26683 (same vendor: Microsoft)
CVE-2025-64655 (same vendor: Microsoft)

Affected Assets

Microsoft Azure Machine Learning, all versions

Mitigating Controls (NIST 800-53 r5)

AC-3 Access Enforcement (prevent): enforces approved authorizations for logical access, directly preventing the improper authorization that enables privilege escalation in Azure Machine Learning.

AC-6 Least Privilege (prevent): employs the principle of least privilege to restrict low-privileged users from escalating to high privileges via this vulnerability.

Flaw Remediation (prevent): provides timely flaw remediation through vendor patches as specified in the MSRC update guide for this Azure Machine Learning authorization vulnerability.
