Microsoft Dynamics 365 Business Central
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Microsoft Dynamics 365 Business Central.
Recent Microsoft Dynamics 365 Business Central Security Advisories
Advisory | Title | Published |
---|---|---|
CVE-2024-43460 | CVE-2024-43460 Dynamics 365 Business Central Elevation of Privilege Vulnerability | September 17, 2024 |
CVE-2024-38225 | CVE-2024-38225 Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability | September 10, 2024 |
CVE-2024-35248 | CVE-2024-35248 Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability | July 9, 2024 |
CVE-2024-35249 | CVE-2024-35249 Microsoft Dynamics 365 Business Central Remote Code Execution Vulnerability | July 9, 2024 |
CVE-2022-41127 | Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability | December 13, 2022 |
By the Year
In 2025 there have been 0 vulnerabilities in Microsoft Dynamics 365 Business Central. Last year, in 2024 Dynamics 365 Business Central had 5 security vulnerabilities published. Right now, Dynamics 365 Business Central is on track to have less security vulnerabilities in 2025 than it did last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2025 | 0 | 0.00 |
2024 | 5 | 8.54 |
2023 | 1 | 7.20 |
2022 | 2 | 6.45 |
2021 | 4 | 6.23 |
2020 | 3 | 7.83 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Dynamics 365 Business Central vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Microsoft Dynamics 365 Business Central Security Vulnerabilities
Improper authorization in Dynamics 365 Business Central resulted in a vulnerability
CVE-2024-43460
8.8 - High
- September 17, 2024
Improper authorization in Dynamics 365 Business Central resulted in a vulnerability that allows an authenticated attacker to elevate privileges over a network.
Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability
CVE-2024-38225
9.8 - Critical
- September 10, 2024
Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability
authentification
Microsoft Dynamics 365 Business Central Remote Code Execution Vulnerability
CVE-2024-35249
8.8 - High
- June 11, 2024
Microsoft Dynamics 365 Business Central Remote Code Execution Vulnerability
Marshaling, Unmarshaling
Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability
CVE-2024-35248
7.3 - High
- June 11, 2024
Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability
authentification
Microsoft Dynamics Business Central/NAV Information Disclosure Vulnerability
CVE-2024-21380
8 - High
- February 13, 2024
Microsoft Dynamics Business Central/NAV Information Disclosure Vulnerability
Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability
CVE-2023-38167
7.2 - High
- August 08, 2023
Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability
Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability
CVE-2022-41127
8.5 - High
- December 13, 2022
Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability
Microsoft Business Central Information Disclosure Vulnerability
CVE-2022-41066
4.4 - Medium
- November 09, 2022
Microsoft Business Central Information Disclosure Vulnerability
Microsoft Dynamics Business Central Cross-site Scripting Vulnerability
CVE-2021-40440
5.4 - Medium
- September 15, 2021
Microsoft Dynamics Business Central Cross-site Scripting Vulnerability
XSS
Microsoft Dynamics Business Central Cross-site Scripting Vulnerability
CVE-2021-36946
5.4 - Medium
- August 12, 2021
Microsoft Dynamics Business Central Cross-site Scripting Vulnerability
XSS
Dynamics Business Central Remote Code Execution Vulnerability
CVE-2021-34474
8 - High
- July 14, 2021
Dynamics Business Central Remote Code Execution Vulnerability
Microsoft Dynamics Business Central Cross-site Scripting Vulnerability
CVE-2021-1724
6.1 - Medium
- February 25, 2021
Microsoft Dynamics Business Central Cross-site Scripting Vulnerability
XSS
An information disclosure vulnerability exists when Microsoft Dynamics Business Central/NAV on-premise does not properly hide the value of a masked field when showing the records as a chart page.The attacker who successfully exploited the vulnerability could see the information
CVE-2020-1018
7.5 - High
- April 15, 2020
An information disclosure vulnerability exists when Microsoft Dynamics Business Central/NAV on-premise does not properly hide the value of a masked field when showing the records as a chart page.The attacker who successfully exploited the vulnerability could see the information that are in a masked field.The security update addresses the vulnerability by updating the rendering engine the Windows client to properly detect masked fields and render the content as masked., aka 'Microsoft Dynamics Business Central/NAV Information Disclosure'.
Information Disclosure
A remote code execution vulnerability exists in Microsoft Dynamics Business Central
CVE-2020-1022
8 - High
- April 15, 2020
A remote code execution vulnerability exists in Microsoft Dynamics Business Central, aka 'Dynamics Business Central Remote Code Execution Vulnerability'.
Injection
An remote code execution vulnerability exists in Microsoft Dynamics Business Central
CVE-2020-0905
8 - High
- March 12, 2020
An remote code execution vulnerability exists in Microsoft Dynamics Business Central, aka 'Dynamics Business Central Remote Code Execution Vulnerability'.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Microsoft Dynamics Nav or by Microsoft? Click the Watch button to subscribe.