CVE-2025-21415
Published: 29 January 2025
Description
Adversaries may exploit remote services to gain unauthorized access to internal systems once inside of a network.
Security Summary
CVE-2025-21415 is an authentication bypass vulnerability achieved through spoofing in Azure AI Face Service. This flaw, linked to CWE-290, enables unauthorized access by exploiting authentication mechanisms within the service.
The vulnerability can be exploited by an authorized attacker with low privileges over a network, requiring low attack complexity and no user interaction. Successful exploitation allows privilege elevation, resulting in high impacts across confidentiality, integrity, and availability, with a changed scope, as reflected in its CVSS v3.1 base score of 9.9.
Microsoft's update guide at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21415 provides details on mitigation and patching for this issue.
Details
- CWE(s)
Affected Products
AI Security Analysis
- AI Category
- Computer Vision
- Risk Domain
- Adversarial Attacks
- OWASP Top 10 for LLMs 2025
- None mapped
- MITRE ATLAS Techniques
- None mapped
- Classification Reason
- Azure AI Face Service is a computer vision service focused on facial detection and recognition, making spoofing directly related to CV AI capabilities.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The CVE describes an authentication bypass vulnerability via spoofing in Azure AI Face Service, enabling an authorized attacker to elevate privileges remotely, which maps to exploitation for privilege escalation (T1068) and exploitation of remote services (T1210).