11/12/2025

ZDI-25-1050: Microsoft Azure Virtual Desktop Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Azure Virtual Desktop. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.8.

Comments are closed.

You may also like

ZDI-25-823: (0Day) Microsoft Windows Theme File Parsing Improper Input Validation NTLM Relay Vulnerability

ZDI-25-325: Hewlett Packard Enterprise Insight Remote Support processAttachmentDataStream Directory Traversal Remote Code Execution Vulnerability