A critical vulnerability in Microsoft's Partner Center platform is under attack, enabling unauthenticated attackers to escalate privileges, potentially leading to data breaches, malware deployment, and lateral movement across enterprise networks.

The US Cybersecurity and Infrastructure Security Agency (CISA) has added the flaw, tracked as CVE-2024-49035, to its Known Exploited Vulnerabilities (KEV) catalog, confirming active exploitation in real-world environments.

A high-impact vulnerability in Microsoft’s partner ecosystem

CVE-2024-49035 is a privilege escalation flaw stemming from improper access control within Microsoft Partner Center, a platform used by enterprises and managed service providers to handle cloud services, licenses, and customer accounts.

Microsoft first disclosed the issue in November 2024, assigning it a CVSS score of 8.7. The National Vulnerability Database (NVD) later raised its severity rating to 9.8 out of 10, citing the flaw's low attack complexity and high impact on confidentiality and integrity. The vulnerability sits in the Microsoft Power Apps-based backend of Partner Center and can be reached by an attacker without any authentication.

This raises concerns about potential supply chain risks, as attackers could use compromised partner accounts to pivot into customer environments.

Discovery and response timeline

Security researchers Gautam Peri, Apoorv Wadhwa, and an anonymous contributor identified the vulnerability and reported it to Microsoft through the coordinated vulnerability disclosure process.


Source: https://www.csoonline.com/article/3834674/critical-microsoft-partner-center-vulnerability-under-attack-cisa-warns.html