CVE-2025-53762
Published: 18 July 2025
Summary
CVE-2025-53762 is a high-severity Permissive List of Allowed Inputs (CWE-183) vulnerability in Microsoft Purview. Its CVSS base score is 8.7 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked in the top 16.9% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SI-10 (Information Input Validation).
Deeper analysis
Microsoft Purview contains a permissive list of allowed inputs tracked as CWE-183 that produces the vulnerability described in CVE-2025-53762. The flaw permits an authorized attacker to elevate privileges across a network and carries a CVSS 3.1 base score of 8.7 reflecting network attack vector, low complexity, high-privilege requirement, and changed scope with high impact to confidentiality and integrity.
An attacker already holding high privileges can send crafted inputs over the network to expand access beyond the intended authorization boundary, achieving broad control over affected Purview resources without user interaction.
Microsoft publishes mitigation guidance and patch information for this issue in its Security Response Center advisory at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53762. The associated EPSS score remains low, moving only from 0.0178 to a peak of 0.0189.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-21916
Vulnerability details
Permissive list of allowed inputs in Microsoft Purview allows an authorized attacker to elevate privileges over a network.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Direct privilege escalation via permissive input validation flaw in a network-accessible service.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly addresses the permissive list of allowed inputs in Microsoft Purview by requiring validation of all information inputs to prevent privilege escalation.
Enforces logical access controls to block unauthorized privilege elevation enabled by improperly validated inputs over the network.
Applies least privilege to minimize the privileges available for escalation by a high-privilege attacker exploiting permissive inputs.