CVE Catalog

CVE-2026-32174

HighCVSS 7.7
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.37%

29th percentile - higher than 29% of all known CVEs

Summary

Improper authentication in Azure Bot Service allows an authorized attacker to elevate privileges over a network.

Risk Assessment

The organization may be exposed to unauthorized access to resources and potential abuse of privileges by an attacker.

Recommendation

It is recommended to review and strengthen the authentication mechanisms in Azure Bot Service to prevent privilege escalation.

Original NVD description (English source)

Improper authentication in Azure Bot Service allows an authorized attacker to elevate privileges over a network.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS