Unrated severityNVD Advisory· Published Oct 14, 2025· Updated Feb 22, 2026
Configuration Manager Elevation of Privilege Vulnerability
CVE-2025-55320
Description
Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an authorized attacker to elevate privileges over an adjacent network.
Affected products
3- Range: 1.0.0
- Microsoft/Microsoft Configuration Manager 2409v5Range: 1.0.0
Patches
Vulnerability mechanics
References
1- msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55320mitrevendor-advisorypatch
News mentions
0No linked articles in our index yet.