CVE-2025-59273
📊 7.3 HIGH⚡ 0.1%🎯 0 exploits
📅 Published Oct 23, 2025
📋 Status: Analyzed
Improper access control in Azure Event Grid allows an unauthorized attacker to elevate privileges over a network.
CVSS v3.1 • [email protected]
🎯 Affected Products & Systems
1 product configurations affected
Filter by type:
| Type | Vendor | Product | Version Range | Status | CPE String |
|---|---|---|---|---|---|
📱App | microsoft | azure event grid | All versions | Vulnerable | cpe:2.3:a:microsoft:azure_event_grid:-:*:*:*:*:*:*:* |
📱
VulnerableApplication
Version: All versions
CPE:
cpe:2.3:a:microsoft:azure_event_grid:-:*:*:*:*:*:*:*
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Attack Vector:
NETWORK
Complexity:
LOW
Privileges:
NONE
User Interaction:
NONE
Confidentiality:
LOW
Integrity:
LOW
Availability:
LOW
Scope:
UNCHANGED
🔍 Technical Details
Analysis Status
AnalyzedCVSS Details
7.3 (HIGH)v3.1
Source: [email protected]
EPSS Details
0.1% (Minimal)26.3th percentile
Last updated: Oct 30, 2025
Exploitation probability within 30 days
Published Date
Oct 23, 2025 (8 days ago)
Last Modified
Oct 28, 2025 (3 days ago)
Security Weaknesses2
CWE-284
References2
NVDadvisory