A severe vulnerability in Microsoft Power Pages, tracked as CVE-2025-24989, has been patched after being actively exploited by cybercriminals. This flaw, which scores 8.2 in severity, could allow attackers to elevate privileges and access restricted data. Microsoft promptly notified affected customers and provided guidance on assessing potential exploitation risks. Security experts pointed out that such vulnerabilities often arise in SaaS platforms due to overlooked pathways and untested functionalities. Fortunately, Microsoft's monitoring capabilities enabled a rapid response to mitigate this risk before broader exploitation occurred.
Microsoft has remedied a high severity vulnerability in Power Pages that could allow unauthorized access and control over sensitive information, following exploitation in the wild.
Cyber criminals exploited an improper access vulnerability in Microsoft Power Pages, leading to unauthorized privilege elevation and access to secured data, highlighting the need for constant security improvements.
Collection
[
|
...
]