CVE-2025-27743 - Vulnerability Details - OpenCVE

Untrusted search path in System Center allows an authorized attacker to elevate privileges locally.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

No data.

No data.

No data.

References

Link	Providers
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27743

History

Tue, 08 Apr 2025 20:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Tue, 08 Apr 2025 17:30:00 +0000

Type	Values Removed	Values Added
Description		Untrusted search path in System Center allows an authorized attacker to elevate privileges locally.
Title		Microsoft System Center Elevation of Privilege Vulnerability
Weaknesses		CWE-426
References		https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27743
Metrics		cvssV3_1 `{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C'}`

MITRE

Status: PUBLISHED

Assigner: microsoft

Published: 2025-04-08T17:23:25.628Z

Updated: 2025-04-30T17:13:48.565Z

Reserved: 2025-03-06T04:26:08.553Z

Link: CVE-2025-27743

Vulnrichment

Updated: 2025-04-08T19:57:44.615Z

NVD

Status : Awaiting Analysis

Published: 2025-04-08T18:16:03.260

Modified: 2025-04-09T20:03:01.577

Link: CVE-2025-27743

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-27743", "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "state": "PUBLISHED", "assignerShortName": "microsoft", "dateReserved": "2025-03-06T04:26:08.553Z", "datePublished": "2025-04-08T17:23:25.628Z", "dateUpdated": "2025-04-30T17:13:48.565Z"}, "containers": {"cna": {"title": "Microsoft System Center Elevation of Privilege Vulnerability", "datePublic": "2025-04-08T07:00:00.000Z", "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:system_center_virtual_machine_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "N/A"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:system_center_virtual_machine_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "N/A"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:system_center_virtual_machine_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "N/A"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:system_center_data_protection_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "N/A"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:system_center_data_protection_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "N/A"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:system_center_data_protection_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "N/A"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:system_center_orchestrator:*:*:*:*:*:*:*:*", "versionStartIncluding": "N/A"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:system_center_orchestrator:*:*:*:*:*:*:*:*", "versionStartIncluding": "N/A"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:system_center_orchestrator:*:*:*:*:*:*:*:*", "versionStartIncluding": "N/A"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:system_center_service_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "N/A"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:system_center_service_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "N/A"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:system_center_service_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "N/A"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:system_center_operations_manager:*:-:*:*:*:*:*:*", "versionStartIncluding": "N/A"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:system_center_operations_manager:*:-:*:*:*:*:*:*", "versionStartIncluding": "N/A"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:system_center_operations_manager:*:-:*:*:*:*:*:*", "versionStartIncluding": "N/A"}]}]}], "affected": [{"vendor": "Microsoft", "product": "System Center Virtual Machine Manager 2022", "platforms": ["Unknown"], "versions": [{"version": "N/A", "status": "affected"}]}, {"vendor": "Microsoft", "product": "System Center Virtual Machine Manager 2019", "platforms": ["Unknown"], "versions": [{"version": "N/A", "status": "affected"}]}, {"vendor": "Microsoft", "product": "System Center Virtual Machine Manager 2025", "platforms": ["Unknown"], "versions": [{"version": "N/A", "status": "affected"}]}, {"vendor": "Microsoft", "product": "System Center Data Protection Manager 2025", "platforms": ["Unknown"], "versions": [{"version": "N/A", "status": "affected"}]}, {"vendor": "Microsoft", "product": "System Center Data Protection Manager 2022", "platforms": ["Unknown"], "versions": [{"version": "N/A", "status": "affected"}]}, {"vendor": "Microsoft", "product": "System Center Data Protection Manager 2019", "platforms": ["Unknown"], "versions": [{"version": "N/A", "status": "affected"}]}, {"vendor": "Microsoft", "product": "System Center Orchestrator 2019", "platforms": ["Unknown"], "versions": [{"version": "N/A", "status": "affected"}]}, {"vendor": "Microsoft", "product": "System Center Orchestrator 2022", "platforms": ["Unknown"], "versions": [{"version": "N/A", "status": "affected"}]}, {"vendor": "Microsoft", "product": "System Center Orchestrator 2025", "platforms": ["Unknown"], "versions": [{"version": "N/A", "status": "affected"}]}, {"vendor": "Microsoft", "product": "System Center Service Manager 2019", "platforms": ["Unknown"], "versions": [{"version": "N/A", "status": "affected"}]}, {"vendor": "Microsoft", "product": "System Center Service Manager 2022", "platforms": ["Unknown"], "versions": [{"version": "N/A", "status": "affected"}]}, {"vendor": "Microsoft", "product": "System Center Service Manager 2025", "platforms": ["Unknown"], "versions": [{"version": "N/A", "status": "affected"}]}, {"vendor": "Microsoft", "product": "System Center Operations Manager 2019", "platforms": ["Unknown"], "versions": [{"version": "N/A", "status": "affected"}]}, {"vendor": "Microsoft", "product": "System Center Operations Manager 2022", "platforms": ["Unknown"], "versions": [{"version": "N/A", "status": "affected"}]}, {"vendor": "Microsoft", "product": "System Center Operations Manager 2025", "platforms": ["Unknown"], "versions": [{"version": "N/A", "status": "affected"}]}], "descriptions": [{"value": "Untrusted search path in System Center allows an authorized attacker to elevate privileges locally.", "lang": "en-US"}], "problemTypes": [{"descriptions": [{"description": "CWE-426: Untrusted Search Path", "lang": "en-US", "type": "CWE", "cweId": "CWE-426"}]}], "providerMetadata": {"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft", "dateUpdated": "2025-04-30T17:13:48.565Z"}, "references": [{"name": "Microsoft System Center Elevation of Privilege Vulnerability", "tags": ["vendor-advisory"], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27743"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en-US", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "baseSeverity": "HIGH", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"}}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-04-08T19:57:39.876585Z", "id": "CVE-2025-27743", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-08T19:57:50.616Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-27743", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-04-08T19:57:39.876585Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-08T19:57:44.615Z"}}], "cna": {"title": "Microsoft System Center Elevation of Privilege Vulnerability", "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"}, "scenarios": [{"lang": "en-US", "value": "GENERAL"}]}], "affected": [{"vendor": "Microsoft", "product": "System Center Virtual Machine Manager 2022", "versions": [{"status": "affected", "version": "N/A"}], "platforms": ["Unknown"]}, {"vendor": "Microsoft", "product": "System Center Virtual Machine Manager 2019", "versions": [{"status": "affected", "version": "N/A"}], "platforms": ["Unknown"]}, {"vendor": "Microsoft", "product": "System Center Virtual Machine Manager 2025", "versions": [{"status": "affected", "version": "N/A"}], "platforms": ["Unknown"]}, {"vendor": "Microsoft", "product": "System Center Data Protection Manager 2025", "versions": [{"status": "affected", "version": "N/A"}], "platforms": ["Unknown"]}, {"vendor": "Microsoft", "product": "System Center Data Protection Manager 2022", "versions": [{"status": "affected", "version": "N/A"}], "platforms": ["Unknown"]}, {"vendor": "Microsoft", "product": "System Center Data Protection Manager 2019", "versions": [{"status": "affected", "version": "N/A"}], "platforms": ["Unknown"]}, {"vendor": "Microsoft", "product": "System Center Orchestrator 2019", "versions": [{"status": "affected", "version": "N/A"}], "platforms": ["Unknown"]}, {"vendor": "Microsoft", "product": "System Center Orchestrator 2022", "versions": [{"status": "affected", "version": "N/A"}], "platforms": ["Unknown"]}, {"vendor": "Microsoft", "product": "System Center Orchestrator 2025", "versions": [{"status": "affected", "version": "N/A"}], "platforms": ["Unknown"]}, {"vendor": "Microsoft", "product": "System Center Service Manager 2019", "versions": [{"status": "affected", "version": "N/A"}], "platforms": ["Unknown"]}, {"vendor": "Microsoft", "product": "System Center Service Manager 2022", "versions": [{"status": "affected", "version": "N/A"}], "platforms": ["Unknown"]}, {"vendor": "Microsoft", "product": "System Center Service Manager 2025", "versions": [{"status": "affected", "version": "N/A"}], "platforms": ["Unknown"]}, {"vendor": "Microsoft", "product": "System Center Operations Manager 2019", "versions": [{"status": "affected", "version": "N/A"}], "platforms": ["Unknown"]}, {"vendor": "Microsoft", "product": "System Center Operations Manager 2022", "versions": [{"status": "affected", "version": "N/A"}], "platforms": ["Unknown"]}, {"vendor": "Microsoft", "product": "System Center Operations Manager 2025", "versions": [{"status": "affected", "version": "N/A"}], "platforms": ["Unknown"]}], "datePublic": "2025-04-08T07:00:00.000Z", "references": [{"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27743", "name": "Microsoft System Center Elevation of Privilege Vulnerability", "tags": ["vendor-advisory"]}], "descriptions": [{"lang": "en-US", "value": "Untrusted search path in System Center allows an authorized attacker to elevate privileges locally."}], "problemTypes": [{"descriptions": [{"lang": "en-US", "type": "CWE", "cweId": "CWE-426", "description": "CWE-426: Untrusted Search Path"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:system_center_virtual_machine_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "versionStartIncluding": "N/A"}, {"criteria": "cpe:2.3:a:microsoft:system_center_virtual_machine_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "versionStartIncluding": "N/A"}, {"criteria": "cpe:2.3:a:microsoft:system_center_virtual_machine_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "versionStartIncluding": "N/A"}, {"criteria": "cpe:2.3:a:microsoft:system_center_data_protection_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "versionStartIncluding": "N/A"}, {"criteria": "cpe:2.3:a:microsoft:system_center_data_protection_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "versionStartIncluding": "N/A"}, {"criteria": "cpe:2.3:a:microsoft:system_center_data_protection_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "versionStartIncluding": "N/A"}, {"criteria": "cpe:2.3:a:microsoft:system_center_orchestrator:*:*:*:*:*:*:*:*", "vulnerable": true, "versionStartIncluding": "N/A"}, {"criteria": "cpe:2.3:a:microsoft:system_center_orchestrator:*:*:*:*:*:*:*:*", "vulnerable": true, "versionStartIncluding": "N/A"}, {"criteria": "cpe:2.3:a:microsoft:system_center_orchestrator:*:*:*:*:*:*:*:*", "vulnerable": true, "versionStartIncluding": "N/A"}, {"criteria": "cpe:2.3:a:microsoft:system_center_service_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "versionStartIncluding": "N/A"}, {"criteria": "cpe:2.3:a:microsoft:system_center_service_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "versionStartIncluding": "N/A"}, {"criteria": "cpe:2.3:a:microsoft:system_center_service_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "versionStartIncluding": "N/A"}, {"criteria": "cpe:2.3:a:microsoft:system_center_operations_manager:*:-:*:*:*:*:*:*", "vulnerable": true, "versionStartIncluding": "N/A"}, {"criteria": "cpe:2.3:a:microsoft:system_center_operations_manager:*:-:*:*:*:*:*:*", "vulnerable": true, "versionStartIncluding": "N/A"}, {"criteria": "cpe:2.3:a:microsoft:system_center_operations_manager:*:-:*:*:*:*:*:*", "vulnerable": true, "versionStartIncluding": "N/A"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft", "dateUpdated": "2025-04-30T17:13:48.565Z"}}}, "cveMetadata": {"cveId": "CVE-2025-27743", "state": "PUBLISHED", "dateUpdated": "2025-04-30T17:13:48.565Z", "dateReserved": "2025-03-06T04:26:08.553Z", "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "datePublished": "2025-04-08T17:23:25.628Z", "assignerShortName": "microsoft"}, "dataVersion": "5.1"}