CVE-2025-59247

Published: Oct 9, 2025Modified: Oct 20, 2025

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

Azure PlayFab Elevation of Privilege Vulnerability

Affected (1)

Products: Microsoft: Azure Playfab

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Microsoft Azure Playfab	All versions

Related CWEs

Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

Reliance on Cookies without Validation and Integrity Checking

The product relies on the existence or values of cookies when performing security-critical operations, but it does not properly ensure that the setting is valid for the associated user.

References (1)

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59247

Source: secure@microsoft.com

Vendor Advisory

Timeline

No history available yet.