| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| CVE-2025-49707 | Azure Virtual Machines Spoofing Vulnerability | Azure VMs | Critical | 01-09-2025 |
Technical Information
An authorized attacker can exploit improper access control in Azure Virtual Machines to perform spoofing attacks locally.
Patch release date: Aug 12, 2025
Further information on this vulnerability is available at : CVE-2025-49707
Affected Software
DCasv5-series Azure VM,DCadsv5-series Azure VM,
ECasv5-series Azure VM,
ECadsv5-series Azure VM,
DCesv5-series - Azure VM,
DCedsv5-series Azure VM,
ECesv5-series Azure VM,
ECedsv5-series Azure VM,
NCCadsH100v5-series Azure VM,
DCesv6-series Azure VM,
Ecesv6-series Azure VM