CVE Catalog
CVE-2026-45642
LowCVSS 3.9Exploitation Probability (EPSS)
Low risk0.11%
28th percentile — higher than 28% of all known CVEs
Summary
Improper input validation in Microsoft Azure Attestation service and Device Health Attestation Service allows an authorized attacker to perform spoofing with a physical attack.
Risk Assessment
Attackers may exploit this vulnerability to impersonate trusted devices, potentially leading to unauthorized access to organizational resources.
Recommendation
It is recommended to implement additional security measures and regularly update systems to mitigate the risks associated with this vulnerability.
Original NVD description (English source)
Improper input validation in Microsoft Azure Attestation service and Device Health Attestation Service allows an authorized attacker to perform spoofing with a physical attack.

