CVE-2025-47995: Weak authentication in Azure Machine Learning allows an authorized attacker to elevate privileges over a network.
mediumvulnerability
CVE-2025-47995 is a vulnerability in Azure Machine Learning that involves weak authentication (a system that doesn't properly verify user identity), allowing someone who already has some access to gain elevated privileges (higher-level permissions) over a network. The vulnerability has a CVSS 4.0 severity rating, though a full assessment from NIST has not yet been provided.
6.5(medium)
EPSS: 0.2%
Tech Giants Invest $12.5 Million in Open Source Security
Vance, Bessent questioned tech giants on AI security before Anthropic's Mythos release
Microsoft’s new AI system finds 16 Windows flaws, including four critical RCEs
OpenAI touts Amazon alliance in memo, says Microsoft has 'limited our ability' to reach clients
OpenAI shakes up partnership with Microsoft, capping revenue share payments
Original source: https://nvd.nist.gov/vuln/detail/CVE-2025-47995
First tracked: February 15, 2026 at 08:53 PM
Classified by LLM (prompt v3) · confidence: 85%