Improper Authorization Vulnerability in Microsoft Partner Center
CVE-2025-29814

9.3CRITICAL

Key Information:

Vendor: Microsoft
Status: Microsoft Partner Center
Vendor: CVE Published:; 21 March 2025

What is CVE-2025-29814?

An improper authorization vulnerability exists in Microsoft Partner Center, enabling an unauthorized attacker to elevate privileges within a network environment. This flaw could potentially allow attackers to gain elevated access rights, exposing sensitive information and compromising the integrity of the system.

Affected Version(s)

Microsoft Partner Center Unknown

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

9.3

Severity:

CRITICAL

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Mar 21, 2025