Information Disclosure Vulnerability in Azure Stack by Microsoft
CVE-2025-53793

7.5HIGH

Key Information:

Vendor: Microsoft
Status: Azure Stack Hub 2408; Azure Stack Hub 2406; Azure Stack Hub 2501
Vendor: CVE Published:; 12 August 2025

What is CVE-2025-53793?

An improper authentication flaw in Azure Stack could potentially enable unauthorized attackers to gain access to sensitive information transmitted over a network. This vulnerability highlights the need for stringent access controls and monitoring to prevent data leakage and ensure the integrity of cloud services.

Affected Version(s)

Azure Stack Hub 2406 Unknown 1.0.0 < 1.2406.1.23

Azure Stack Hub 2408 Unknown 1.0.0 < 1.2408.1.50

Azure Stack Hub 2501 Unknown 1.0.0 < 1.2501.1.47

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 12, 2025
Vulnerability Reserved
Jul 9, 2025