Unrated severityNVD Advisory· Published Oct 14, 2025· Updated Feb 26, 2026
Configuration Manager Elevation of Privilege Vulnerability
CVE-2025-59213
Description
Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an unauthorized attacker to elevate privileges over an adjacent network.
Affected products
3- Range: 1.0.0
- Microsoft/Microsoft Configuration Manager 2409v5Range: 1.0.0
Patches
Vulnerability mechanics
References
1- msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59213mitrevendor-advisorypatch
News mentions
0No linked articles in our index yet.