CVE-2025-53781 - Vulnerability Details

- Azure Virtual Machines Information Disclosure Vulnerability

Description

Exposure of sensitive information to an unauthorized actor in Azure Virtual Machines allows an authorized attacker to disclose information over a network.

Published: 2025-08-12

Score: 7.7 High

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

No analysis available yet.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Microsoft

DCadsv5-series Azure VM

affected

Version	Status	Constraints
`-`	affected	—

Microsoft

DCasv5-series Azure VM

affected

Version	Status	Constraints
`-`	affected	—

Microsoft

DCedsv5-series Azure VM

affected

Version	Status	Constraints
`-`	affected	—

Microsoft

DCesv5-series - Azure VM

affected

Version	Status	Constraints
`-`	affected	—

Microsoft

DCesv6-series Azure VM

affected

Version	Status	Constraints
`-`	affected	—

Microsoft

ECadsv5-series Azure VM

affected

Version	Status	Constraints
`-`	affected	—

Microsoft

ECasv5-series Azure VM

affected

Version	Status	Constraints
`-`	affected	—

Microsoft

ECedsv5-series Azure VM

affected

Version	Status	Constraints
`-`	affected	—

Microsoft

ECesv5-series Azure VM

affected

Version	Status	Constraints
`-`	affected	—

Microsoft

Ecesv6-series Azure VM

affected

Version	Status	Constraints
`-`	affected	—

Microsoft

NCCadsH100v5-series Azure VM

affected

Version	Status	Constraints
`-`	affected	—

Configuration 1 [-]

AND

cpe:2.3:o:microsoft:ecesv6-series_azure_vm_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:microsoft:ecesv6-series_azure_vm:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:microsoft:dcesv6-series_azure_vm_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:microsoft:dcesv6-series_azure_vm:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:microsoft:nccadsh100v5-series_azure_vm_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:microsoft:nccadsh100v5-series_azure_vm:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:microsoft:ecedsv5-series_azure_vm_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:microsoft:ecedsv5-series_azure_vm:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:microsoft:ecesv5-series_azure_vm_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:microsoft:ecesv5-series_azure_vm:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:microsoft:dcedsv5-series_azure_vm_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:microsoft:dcedsv5-series_azure_vm:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:microsoft:dcesv5-series_azure_vm_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:microsoft:dcesv5-series_azure_vm:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:microsoft:ecadsv5-series_azure_vm_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:microsoft:ecadsv5-series_azure_vm:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:microsoft:ecasv5-series_azure_vm_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:microsoft:ecasv5-series_azure_vm:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:microsoft:dcadsv5-series_azure_vm_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:microsoft:dcadsv5-series_azure_vm:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:microsoft:dcasv5-series_azure_vm_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:microsoft:dcasv5-series_azure_vm:-:*:*:*:*:*:*:*

No data.

Vendor	Product	Confidence	Versions
Microsoft	Azure	—	—
Microsoft	Azure Virtual Machine	—	—
Microsoft	Virtual Machine	—	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
EUVD	EUVD-2025-24365	Exposure of sensitive information to an unauthorized actor in Azure Virtual Machines allows an authorized attacker to disclose information over a network.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.0024.

Exploitation none

Automatable no

Technical Impact partial

References

Link	Providers
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53781

History

Fri, 13 Feb 2026 19:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Microsoft dcadsv5 Series Azure Vm Microsoft dcasv5 Series Azure Vm Microsoft dcedsv5 Series Azure Vm Microsoft dcesv5 Series Azure Vm Microsoft ecadsv5 Series Azure Vm Microsoft ecasv5 Series Azure Vm Microsoft ecedsv5 Series Azure Vm Microsoft ecesv5 Series Azure Vm Microsoft nccadsh100v5 Series Azure Vm
CPEs		cpe:2.3:a:microsoft:DCadsv5_series_Azure_VM:::::::: cpe:2.3:a:microsoft:DCasv5_series_Azure_VM:::::::: cpe:2.3:a:microsoft:DCedsv5_series_Azure_VM:::::::: cpe:2.3:a:microsoft:DCesv5_series_Azure_VM:::::::: cpe:2.3:a:microsoft:ECadsv5_series_Azure_VM:::::::: cpe:2.3:a:microsoft:ECasv5_series_Azure_VM:::::::: cpe:2.3:a:microsoft:ECedsv5_series_Azure_VM:::::::: cpe:2.3:a:microsoft:ECesv5_series_Azure_VM:::::::: cpe:2.3:a:microsoft:NCCadsH100v5_series_Azure_VM::::::::
Vendors & Products		Microsoft dcadsv5 Series Azure Vm Microsoft dcasv5 Series Azure Vm Microsoft dcedsv5 Series Azure Vm Microsoft dcesv5 Series Azure Vm Microsoft ecadsv5 Series Azure Vm Microsoft ecasv5 Series Azure Vm Microsoft ecedsv5 Series Azure Vm Microsoft ecesv5 Series Azure Vm Microsoft nccadsh100v5 Series Azure Vm

Wed, 10 Sep 2025 15:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Microsoft dcadsv5-series Azure Vm Microsoft dcadsv5-series Azure Vm Firmware Microsoft dcasv5-series Azure Vm Microsoft dcasv5-series Azure Vm Firmware Microsoft dcedsv5-series Azure Vm Microsoft dcedsv5-series Azure Vm Firmware Microsoft dcesv5-series Azure Vm Microsoft dcesv5-series Azure Vm Firmware Microsoft dcesv6-series Azure Vm Microsoft dcesv6-series Azure Vm Firmware Microsoft ecadsv5-series Azure Vm Microsoft ecadsv5-series Azure Vm Firmware Microsoft ecasv5-series Azure Vm Microsoft ecasv5-series Azure Vm Firmware Microsoft ecedsv5-series Azure Vm Microsoft ecedsv5-series Azure Vm Firmware Microsoft ecesv5-series Azure Vm Microsoft ecesv5-series Azure Vm Firmware Microsoft ecesv6-series Azure Vm Microsoft ecesv6-series Azure Vm Firmware Microsoft nccadsh100v5-series Azure Vm Microsoft nccadsh100v5-series Azure Vm Firmware
Weaknesses		NVD-CWE-noinfo
CPEs		cpe:2.3:h:microsoft:dcadsv5-series_azure_vm:-:::::::* cpe:2.3:h:microsoft:dcasv5-series_azure_vm:-:::::::* cpe:2.3:h:microsoft:dcedsv5-series_azure_vm:-:::::::* cpe:2.3:h:microsoft:dcesv5-series_azure_vm:-:::::::* cpe:2.3:h:microsoft:dcesv6-series_azure_vm:-:::::::* cpe:2.3:h:microsoft:ecadsv5-series_azure_vm:-:::::::* cpe:2.3:h:microsoft:ecasv5-series_azure_vm:-:::::::* cpe:2.3:h:microsoft:ecedsv5-series_azure_vm:-:::::::* cpe:2.3:h:microsoft:ecesv5-series_azure_vm:-:::::::* cpe:2.3:h:microsoft:ecesv6-series_azure_vm:-:::::::* cpe:2.3:h:microsoft:nccadsh100v5-series_azure_vm:-:::::::* cpe:2.3:o:microsoft:dcadsv5-series_azure_vm_firmware:-:::::::* cpe:2.3:o:microsoft:dcasv5-series_azure_vm_firmware:-:::::::* cpe:2.3:o:microsoft:dcedsv5-series_azure_vm_firmware:-:::::::* cpe:2.3:o:microsoft:dcesv5-series_azure_vm_firmware:-:::::::* cpe:2.3:o:microsoft:dcesv6-series_azure_vm_firmware:-:::::::* cpe:2.3:o:microsoft:ecadsv5-series_azure_vm_firmware:-:::::::* cpe:2.3:o:microsoft:ecasv5-series_azure_vm_firmware:-:::::::* cpe:2.3:o:microsoft:ecedsv5-series_azure_vm_firmware:-:::::::* cpe:2.3:o:microsoft:ecesv5-series_azure_vm_firmware:-:::::::* cpe:2.3:o:microsoft:ecesv6-series_azure_vm_firmware:-:::::::* cpe:2.3:o:microsoft:nccadsh100v5-series_azure_vm_firmware:-:::::::*
Vendors & Products		Microsoft dcadsv5-series Azure Vm Microsoft dcadsv5-series Azure Vm Firmware Microsoft dcasv5-series Azure Vm Microsoft dcasv5-series Azure Vm Firmware Microsoft dcedsv5-series Azure Vm Microsoft dcedsv5-series Azure Vm Firmware Microsoft dcesv5-series Azure Vm Microsoft dcesv5-series Azure Vm Firmware Microsoft dcesv6-series Azure Vm Microsoft dcesv6-series Azure Vm Firmware Microsoft ecadsv5-series Azure Vm Microsoft ecadsv5-series Azure Vm Firmware Microsoft ecasv5-series Azure Vm Microsoft ecasv5-series Azure Vm Firmware Microsoft ecedsv5-series Azure Vm Microsoft ecedsv5-series Azure Vm Firmware Microsoft ecesv5-series Azure Vm Microsoft ecesv5-series Azure Vm Firmware Microsoft ecesv6-series Azure Vm Microsoft ecesv6-series Azure Vm Firmware Microsoft nccadsh100v5-series Azure Vm Microsoft nccadsh100v5-series Azure Vm Firmware

Thu, 14 Aug 2025 06:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Microsoft Microsoft azure Microsoft azure Virtual Machine Microsoft virtual Machine
Vendors & Products		Microsoft Microsoft azure Microsoft azure Virtual Machine Microsoft virtual Machine

Tue, 12 Aug 2025 21:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Tue, 12 Aug 2025 17:30:00 +0000

Type	Values Removed	Values Added
Description		Exposure of sensitive information to an unauthorized actor in Azure Virtual Machines allows an authorized attacker to disclose information over a network.
Title		Azure Virtual Machines Information Disclosure Vulnerability
Weaknesses		CWE-200
References		https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53781
Metrics		cvssV3_1 `{'score': 7.7, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C'}`

Subscriptions

Microsoft Dcadsv5 Series Azure Vm Dcasv5 Series Azure Vm Dcedsv5 Series Azure Vm Dcesv5 Series Azure Vm Ecadsv5 Series Azure Vm Ecasv5 Series Azure Vm Ecedsv5 Series Azure Vm Ecesv5 Series Azure Vm Nccadsh100v5 Series Azure Vm Azure Azure Virtual Machine Dcadsv5-series Azure Vm Dcadsv5-series Azure Vm Firmware Dcasv5-series Azure Vm Dcasv5-series Azure Vm Firmware Dcedsv5-series Azure Vm Dcedsv5-series Azure Vm Firmware Dcesv5-series Azure Vm Dcesv5-series Azure Vm Firmware Dcesv6-series Azure Vm Dcesv6-series Azure Vm Firmware Ecadsv5-series Azure Vm Ecadsv5-series Azure Vm Firmware Ecasv5-series Azure Vm Ecasv5-series Azure Vm Firmware Ecedsv5-series Azure Vm Ecedsv5-series Azure Vm Firmware Ecesv5-series Azure Vm Ecesv5-series Azure Vm Firmware Ecesv6-series Azure Vm Ecesv6-series Azure Vm Firmware Nccadsh100v5-series Azure Vm Nccadsh100v5-series Azure Vm Firmware Virtual Machine

MITRE

Status: PUBLISHED

Assigner: microsoft

Published: 2025-08-12T17:09:51.592Z

Updated: 2026-02-13T18:54:06.951Z

Reserved: 2025-07-09T13:25:25.502Z

Link: CVE-2025-53781

Vulnrichment

Updated: 2025-08-12T19:07:31.979Z

NVD

Status : Analyzed

Published: 2025-08-12T18:15:46.473

Modified: 2025-09-10T14:57:05.167

Link: CVE-2025-53781

Redhat

No data.

OpenCVE Enrichment

Updated: 2025-08-13T21:48:00Z

Weaknesses

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object