Microsoft Endpoint Configuration Manager (CVE-2025-59501)

medium Nessus Plugin ID 271811

Synopsis

A system management application installed on the remote host is affected by an elevation of privilege vulnerability.

Description

The Microsoft Endpoint Configuration Manager application installed on the remote host is missing a security hotfix documented in the vendor advisory. It is, therefore, affected by an elevation of privilege vulnerability. An attacker could exploit this vulnerability by modifying the user principal name (UPN) of a valid Microsoft Entra ID account, or by creating a new account, to impersonate an Active Directory user with the same UPN that was not synchronized to Entra ID. Successful exploitation could allow the attacker to gain unauthorized administrative control over Microsoft Configuration Manager and its managed clients.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Apply the security hotfix as described in the vendor advisory.

See Also

http://www.nessus.org/u?ee019e29

Plugin Details

Severity: Medium

ID: 271811

File Name: smb_nt_ms25_oct_endpoint_configuration_manager_CVE-2025-59501.nasl

Version: 1.1

Type: local

Agent: windows

Published: 10/28/2025

Updated: 10/28/2025

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.2

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Vector: CVSS2#AV:A/AC:H/Au:S/C:C/I:N/A:N

CVSS Score Source: CVE-2025-59501

CVSS v3

Risk Factor: Medium

Base Score: 4.8

Vector: CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Vulnerability Information

CPE: x-cpe:/a:microsoft:configuration_manager, cpe:/a:microsoft:endpoint_configuration_manager

Patch Publication Date: 10/24/2025

Vulnerability Publication Date: 10/24/2025

Reference Information

CVE: CVE-2025-59501

CWE: 290

IAVA: 2025-A-0767

MSFT: MS25-32851084, MS25-35360093

MSKB: 32851084, 35360093