CVE-2025-47966 PUBLISHED
Power Automate Elevation of Privilege Vulnerability
Assigner: microsoft
Reserved: 14.05.2025
Published: 05.06.2025
Updated: 11.06.2025
Metrics
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
CVSS Score: 9.8
| Attack Vector |
Network |
Scope |
Unchanged |
| Attack Complexity |
Low |
Confidentiality Impact |
High |
| Privileges Required |
None |
Integrity Impact |
High |
| User Interaction |
None |
Availability Impact |
High |
CVSS 3.1
Product Status
| Vendor |
Microsoft |
| Product |
Power Automate for Desktop |
| Versions |
|
References
Problem Types