Microsoft revealed two critical vulnerabilities in Microsoft Azure AI Face Service, a cloud-based facial recognition tool. They enable attackers to bypass authentication. Review the details within this Cybersecurity Threat Advisory to discover the key steps to safeguard your environment.
What is the threat?
CVE-2025-21415 (CVSS 9.9) and CVE-2025-21396 (CVSS 7.5) are both classified as Elevation of Privilege vulnerabilities. CVE-2025-21415 enables an authorized attacker to escalate privileges over a network through spoofing, while CVE-2025-21396, discovered by security researcher Sugobet, results from a missing authorization flaw that could allow an unauthorized attacker to gain elevated privileges over a network.
Both vulnerabilities have a network-based attack vector with low complexity, requiring minimal privileges and no user interaction. Additionally, they involve a scope change, enabling the exploit to impact areas beyond the original context.
Why is this noteworthy?
These vulnerabilities allow attackers to escalate privileges, posing a serious risk to the confidentiality, integrity, and availability of affected systems. Microsoft has acknowledged both the ease of exploitation and the high potential impact on data and service security.
What is the exposure or risk?
These exploits remain at the proof-of-concept stage: researchers or internal teams have demonstrated that they are feasible, but there is no evidence of active exploitation by attackers. If exploited, the flaws could allow attackers to impersonate legitimate users or escalate privileges in order to access and manipulate sensitive data.
What are the recommendations?
Barracuda recommends the following actions to protect your environment against these vulnerabilities:
- Strengthen user account security to reduce the risk of unauthorized access.
- Enforce strict verification of access requests within your environment.
- Regularly review logs, network behavior, and Azure Monitor alerts for unusual activity.
References
For more in-depth information, please visit the following links:
- https://thehackernews.com/2025/02/microsoft-patches-critical-azure-ai.html
- https://cybersecuritynews.com/azure-ai-face-service-vulnerability-lets-attackers-gain-network-access/
If you have any questions about this Cybersecurity Threat Advisory, don’t hesitate to get in touch with Barracuda Managed XDR’s Security Operations Center.