Jul 2025: Microsoft Purview Elevation of Privilege Vulnerability
CVE-2025-53762 Published on July 18, 2025
Microsoft Purview Elevation of Privilege Vulnerability
Permissive list of allowed inputs in Microsoft Purview allows an authorized attacker to elevate privileges over a network.
Weakness Type
What is an Allowlist / Allow List Vulnerability?
The product implements a protection mechanism that relies on a list of inputs (or properties of inputs) that are explicitly allowed by policy because the inputs are assumed to be safe, but the list is too permissive - that is, it allows an input that is unsafe, leading to resultant weaknesses.
CVE-2025-53762 has been classified to as an Allowlist / Allow List vulnerability or weakness.
Products Associated with CVE-2025-53762
stack.watch emails you whenever new vulnerabilities are published in Microsoft Purview or Microsoft Office Purview. Just hit a watch button to start following.
Affected Versions
Microsoft Purview Version - is affected by CVE-2025-53762Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.