Microsoft Configuration Manager Remote Code Execution Vulnerability

July 8, 2025 invoker category_news

Security Update News

Update Information

Title Microsoft Configuration Manager Remote Code Execution Vulnerability
Update ID MS:CVE-2025-47178
Type mscve
Published 2025-07-08T07:00:00
Last Updated 2025-07-08T07:00:00

Security Impact

CVSS Score 8.0
Severity HIGH

AI Analysis

AI Description A vulnerability in Microsoft Configuration Manager allows an attacker to execute code remotely via SQL injection. This could lead to unauthorized access and data compromise. The issue is rated Critical due to its high CVSS score and the product’s widespread use.
AI Severity Critical
AI Vendor Microsoft
AI Product Microsoft Configuration Manager
AI Version Unknown

Affected CVEs

  • CVE-2025-47178

Update Details

Improper neutralization of special elements used in an sql command (‘sql injection’) in Microsoft Configuration Manager allows an authorized attacker to execute code over an adjacent network.

View Advisory Details

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.