CVE-2025-53781

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-53781
Exposure of sensitive information to an unauthorized actor in Azure Virtual Machines allows an authorized attacker to disclose information over a network.

7.7 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.1 / Impact : 4.0

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope CHANGED

References
Link Resource
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53781 Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:microsoft:ecesv6-series_azure_vm_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:microsoft:ecesv6-series_azure_vm:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:microsoft:dcesv6-series_azure_vm_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:microsoft:dcesv6-series_azure_vm:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:microsoft:nccadsh100v5-series_azure_vm_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:microsoft:nccadsh100v5-series_azure_vm:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:microsoft:ecedsv5-series_azure_vm_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:microsoft:ecedsv5-series_azure_vm:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:microsoft:ecesv5-series_azure_vm_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:microsoft:ecesv5-series_azure_vm:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:microsoft:dcedsv5-series_azure_vm_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:microsoft:dcedsv5-series_azure_vm:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:microsoft:dcesv5-series_azure_vm_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:microsoft:dcesv5-series_azure_vm:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:microsoft:ecadsv5-series_azure_vm_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:microsoft:ecadsv5-series_azure_vm:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:microsoft:ecasv5-series_azure_vm_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:microsoft:ecasv5-series_azure_vm:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:microsoft:dcadsv5-series_azure_vm_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:microsoft:dcadsv5-series_azure_vm:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:microsoft:dcasv5-series_azure_vm_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:microsoft:dcasv5-series_azure_vm:-:*:*:*:*:*:*:*
History

No history.

Information

Published : 2025-08-12 18:15

Updated : 2025-09-10 14:57

NVD link : CVE-2025-53781

Mitre link : CVE-2025-53781

CVE.ORG link : CVE-2025-53781

JSON object : View

Products Affected

microsoft

  • dcadsv5-series_azure_vm_firmware
  • nccadsh100v5-series_azure_vm
  • dcesv5-series_azure_vm
  • ecedsv5-series_azure_vm
  • ecesv5-series_azure_vm
  • ecasv5-series_azure_vm
  • nccadsh100v5-series_azure_vm_firmware
  • ecasv5-series_azure_vm_firmware
  • dcesv6-series_azure_vm
  • dcedsv5-series_azure_vm
  • ecedsv5-series_azure_vm_firmware
  • dcedsv5-series_azure_vm_firmware
  • ecesv5-series_azure_vm_firmware
  • ecesv6-series_azure_vm_firmware
  • ecadsv5-series_azure_vm_firmware
  • ecesv6-series_azure_vm
  • dcasv5-series_azure_vm
  • dcasv5-series_azure_vm_firmware
  • ecadsv5-series_azure_vm
  • dcadsv5-series_azure_vm
  • dcesv6-series_azure_vm_firmware
  • dcesv5-series_azure_vm_firmware
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

NVD-CWE-noinfo