CVE-2025-53792
Published: 07 August 2025
Summary
CVE-2025-53792 is a critical-severity Improper Authorization (CWE-285) vulnerability in Microsoft Azure Portal. Its CVSS base score is 9.1 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE ranks in the top 38.8% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-24 (Access Control Decisions) and AC-3 (Access Enforcement).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- AC-3 (Access Enforcement): Enforces approved authorizations for access to Azure Portal resources, directly preventing privilege escalation due to improper authorization (CWE-285).
- AC-24 (Access Control Decisions): Requires correct access control decisions for defined resources and roles, addressing the authorization flaw that lets unauthenticated attackers escalate privileges.
- AC-6 (Least Privilege): Limits privileges to the minimum necessary, reducing the potential impact of escalated access gained through the Azure Portal vulnerability.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Direct elevation of privilege through improper authorization in the public-facing Azure Portal enables remote exploitation for privilege escalation.
NVD Description
Azure Portal Elevation of Privilege Vulnerability
Deeper analysis
CVE-2025-53792 is an elevation of privilege vulnerability affecting the Azure Portal. It stems from improper authorization (CWE-285) and has a CVSS v3.1 base score of 9.1 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N), indicating critical severity due to its potential for high confidentiality and integrity impacts without requiring user privileges or interaction.
Unauthenticated attackers with network access can exploit this vulnerability remotely with low complexity. Successful exploitation allows privilege escalation within the Azure Portal, enabling unauthorized access to sensitive data (high confidentiality impact) and modification of resources (high integrity impact), while availability remains unaffected.
Microsoft's Security Response Center has published an update guide detailing mitigation and patch information at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53792. Security practitioners should consult this advisory for specific remediation steps. The vulnerability was published on 2025-08-07.
Details
- CWE(s)