CyberSecurity news
FlagThis
Pierluigi Paganini@Security Affairs
//
Microsoft has issued updates to address a critical vulnerability, CVE-2025-24989, impacting its Power Pages platform. This flaw, a high-severity issue, is already being actively exploited in the wild, allowing unauthorized access to websites. Threat actors can leverage the vulnerability to achieve privilege escalation within targeted networks and evade user registration controls, granting them unauthorized access to sites.
Microsoft reports that the vulnerability, CVE-2025-24989, only impacts certain Power Pages users. The company urges users to examine their websites for possible compromise. The U.S. CISA has added the Microsoft Power Pages flaw to its Known Exploited Vulnerabilities catalog.
ImgSrc: securityaffairs
References :
Microsoft reports that the vulnerability, CVE-2025-24989, only impacts certain Power Pages users. The company urges users to examine their websites for possible compromise. The U.S. CISA has added the Microsoft Power Pages flaw to its Known Exploited Vulnerabilities catalog.
ImgSrc: securityaffairs
Share:
References :
- securityaffairs.com: U.S. CISA adds Microsoft Power Pages flaw to its Known Exploited Vulnerabilities catalog
- socradar.io: Microsoft Patches Power Pages Zero-Day (CVE-2025-24989) & Recent PAN-OS Flaw (CVE-2025-0111) Joins CISA KEV
- www.scworld.com: Actively exploited Microsoft Power Pages flaw patched
- Report Boom: Microsoft has addressed a high-severity issue in Power Pages, CVE-2025-24989...
Classification:
- HashTags: #MicrosoftVulnerability #PowerPagesVulnerability #Cybersecurity
- Company: Microsoft
- Target: Microsoft Power Pages
- Product: Power Pages
- Feature: access control
- Type: Vulnerability
- Severity: Major