Critical Microsoft Partner Center Privilege Escalation Vulnerability (CVE-2024-49035)
2025-03-05
A critical vulnerability, CVE-2024-49035, has been discovered in Microsoft's Partner Center, allowing unauthenticated attackers to elevate privileges on a network. This improper access control vulnerability is listed in CISA's Known Exploited Vulnerabilities Catalog. Microsoft advises users to apply mitigations, follow BOD 22-01 guidance for cloud services, or discontinue use by March 18, 2025.
Tech
privilege escalation