Platform: azure
Component: azure-storage-resource-provider
CVE-2025-29972 is a server-side request forgery (SSRF) vulnerability in the Azure Storage Resource Provider, the Microsoft-operated control-plane service (Microsoft.Storage) that Azure Resource Manager uses to create and manage storage accounts. Microsoft describes it as allowing an authorized attacker to perform spoofing over a network: requests crafted through the provider appear to originate from its trusted position and can potentially reach internal services and data. Because the provider is a hosted service rather than software customers install, there is no affected version for customers to check and no customer-side patch to apply; Microsoft's advisory states the issue was mitigated on the service side. Confirm the current status in the MSRC advisory.
An SSRF in a shared control-plane component is a significant risk. An attacker who can reach the provider with valid, low-privilege credentials can cause it to issue requests on their behalf from inside the Azure trust boundary, bypassing controls that assume such requests come only from Microsoft infrastructure. Typical SSRF targets in that position are instance metadata services, internal databases, and other services that are not publicly exposed. The blast radius is whatever the provider itself can reach, not just the attacker's own subscription, which is why the scope is rated as changed and the score is so high. There is no known precedent for this specific flaw, but SSRF bugs in cloud control planes share the same pattern: broad internal reconnaissance first, then whatever credentials or services that reconnaissance turns up.
CVE-2025-29972 was publicly disclosed on 2025-05-08. Its CVSS score of 9.9 expresses severity, not likelihood of exploitation; the EPSS estimate for it is 4.46% (89th percentile). As of this writing there is no publicly available proof-of-concept exploit, and no active campaigns have been confirmed. Reports that the CVE was added to the CISA KEV catalog should be verified against the catalog itself, since a KEV listing requires evidence of active exploitation, which is not otherwise confirmed for this CVE. Given the severity and the service-side nature of the fix, the immediate action is to confirm Microsoft's mitigation status and review your own storage-account exposure.
Every Azure tenant with storage accounts depended on the shared provider, so exposure before Microsoft's fix did not hinge on customer configuration. The consequences of a control-plane compromise are larger, however, for tenants whose storage accounts still allow shared-key authentication, permit public network access, or grant the listKeys permission broadly, and for tenants with complex or legacy deployments that lack network segmentation and monitoring. Shared hosting environments built on Azure Storage concentrate many customers' data behind the same accounts and therefore face increased exposure.
• azure / resource-provider: inventory the storage accounts in scope (the resource type string is Microsoft.Storage/storageAccounts; the original filter used a string without the slash and would match nothing):
Get-AzResource -ResourceType "Microsoft.Storage/storageAccounts" | Select-Object Name, ResourceGroupName, Location
• azure / resource-provider: the Azure Activity Log records control-plane operations, not network traffic, so review it for unexpected Microsoft.Storage operations (listKeys, regenerateKey, storage account writes or deletes) from unfamiliar callers or source IP addresses.
• generic web: review storage account diagnostic logs (StorageRead, StorageWrite, StorageDelete) for unusual access patterns, authentication types, or source addresses.
• generic web: examine Azure Network Security Group (NSG) rules for overly permissive outbound rules; NSGs govern your own virtual networks, not the Microsoft-operated provider, so this limits what a follow-on compromise can reach rather than the SSRF itself.
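The Activity Log review in the second bullet is easier to do mechanically than by eye. The following triage script is an added example, not code from the advisory or from Microsoft: it reads exported Activity Log events (the field names operationName.value, caller, callerIpAddress, resourceId, status.value and eventTimestamp follow the Activity Log event schema), keeps only credential-issuing or configuration-changing Microsoft.Storage operations, and flags those whose caller or source address is not on an allowlist. The sample events, callers, IP ranges and resource IDs are constructed for the demonstration.

```python
"""Triage Azure Activity Log events for sensitive Microsoft.Storage operations.

Added example (not from the advisory page or from Microsoft). The nested
field names follow the Activity Log event schema; SAMPLE_EVENTS and the
allowlists below are constructed for this demonstration.
"""
import ipaddress
import json

# Control-plane operations that hand out storage credentials or change
# security-relevant configuration. Compared case-insensitively because the
# Activity Log does not preserve a single casing for operationName.value.
SENSITIVE_OPERATIONS = {
    "microsoft.storage/storageaccounts/listkeys/action",
    "microsoft.storage/storageaccounts/regeneratekey/action",
    "microsoft.storage/storageaccounts/listaccountsas/action",
    "microsoft.storage/storageaccounts/listservicesas/action",
    "microsoft.storage/storageaccounts/write",
    "microsoft.storage/storageaccounts/delete",
}


def parse_events(text):
    """Parse an Activity Log export given as a JSON array or as one JSON object per line."""
    text = text.strip()
    if text.startswith("["):
        return json.loads(text)
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def _field(event, *path):
    """Nested string lookup that tolerates missing keys: _field(e, "status", "value")."""
    cur = event
    for key in path:
        if not isinstance(cur, dict) or key not in cur:
            return ""
        cur = cur[key]
    return cur if isinstance(cur, str) else ""


def find_suspicious(events, allowed_callers, allowed_networks):
    """Return sensitive storage operations whose caller or source IP is unexpected.

    allowed_callers: identities (UPNs or service-principal IDs) expected to manage
    the accounts. allowed_networks: CIDR strings those identities operate from.
    Events with no parsable callerIpAddress are reported too, so that callers
    arriving through an unexpected path are not silently dropped.
    """
    nets = [ipaddress.ip_network(n) for n in allowed_networks]
    callers = {c.lower() for c in allowed_callers}
    findings = []
    for ev in events:
        op = _field(ev, "operationName", "value").lower()
        if op not in SENSITIVE_OPERATIONS:
            continue
        caller = _field(ev, "caller")
        ip_text = _field(ev, "callerIpAddress")
        reasons = []
        if caller.lower() not in callers:
            reasons.append("unexpected caller")
        try:
            if not any(ipaddress.ip_address(ip_text) in n for n in nets):
                reasons.append("source IP outside allowed ranges")
        except ValueError:
            reasons.append("missing or unparsable callerIpAddress")
        if reasons:
            findings.append({
                "time": _field(ev, "eventTimestamp"),
                "operation": op,
                "caller": caller or "<unknown>",
                "ip": ip_text or "<none>",
                "resource": _field(ev, "resourceId"),
                "status": _field(ev, "status", "value"),
                "reasons": reasons,
            })
    return findings


# Constructed sample: one export line per event. Event 1 is routine; 2 is a
# key listing by an unknown identity from outside the expected ranges; 3 is a
# configuration write by a known operator from an unexpected address; 4 is a
# plain read and is ignored; 5 has no source address at all.
SAMPLE_EVENTS = """\
{"eventTimestamp": "2025-05-09T08:00:00Z", "operationName": {"value": "Microsoft.Storage/storageAccounts/listKeys/action"}, "caller": "ops@contoso.example", "callerIpAddress": "203.0.113.10", "resourceId": "/subscriptions/s1/resourceGroups/rg1/providers/Microsoft.Storage/storageAccounts/contosodata", "status": {"value": "Succeeded"}}
{"eventTimestamp": "2025-05-09T08:05:00Z", "operationName": {"value": "Microsoft.Storage/storageAccounts/listKeys/action"}, "caller": "unknown@external.example", "callerIpAddress": "198.51.100.7", "resourceId": "/subscriptions/s1/resourceGroups/rg1/providers/Microsoft.Storage/storageAccounts/contosodata", "status": {"value": "Succeeded"}}
{"eventTimestamp": "2025-05-09T08:06:00Z", "operationName": {"value": "Microsoft.Storage/storageAccounts/write"}, "caller": "ops@contoso.example", "callerIpAddress": "198.51.100.7", "resourceId": "/subscriptions/s1/resourceGroups/rg1/providers/Microsoft.Storage/storageAccounts/contosodata", "status": {"value": "Succeeded"}}
{"eventTimestamp": "2025-05-09T08:07:00Z", "operationName": {"value": "Microsoft.Storage/storageAccounts/read"}, "caller": "unknown@external.example", "callerIpAddress": "198.51.100.7", "resourceId": "/subscriptions/s1/resourceGroups/rg1/providers/Microsoft.Storage/storageAccounts/contosodata", "status": {"value": "Succeeded"}}
{"eventTimestamp": "2025-05-09T08:09:00Z", "operationName": {"value": "Microsoft.Storage/storageAccounts/regenerateKey/action"}, "caller": "ops@contoso.example", "resourceId": "/subscriptions/s1/resourceGroups/rg1/providers/Microsoft.Storage/storageAccounts/contosodata", "status": {"value": "Failed"}}
"""
ALLOWED_CALLERS = ["ops@contoso.example"]
ALLOWED_NETWORKS = ["203.0.113.0/24"]

if __name__ == "__main__":
    for f in find_suspicious(parse_events(SAMPLE_EVENTS), ALLOWED_CALLERS, ALLOWED_NETWORKS):
        print(f["time"], f["operation"], f["caller"], f["ip"], f["status"], "; ".join(f["reasons"]))
```

Against the constructed sample the script reports three events: the key listing by the unknown identity, the configuration write from the unexpected address, and the key regeneration with no recorded source address. Point it at a real export by replacing SAMPLE_EVENTS with the file contents and the two allowlists with your own operators and egress ranges; the read-only operations it skips are better reviewed from the storage account's diagnostic logs.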
EPSS: 4.46% (89th percentile)
Because the fix for CVE-2025-29972 is applied by Microsoft on the service side, there is nothing for customers to install; confirm the mitigation status in the MSRC advisory. What customers can do is reduce what a compromised control plane could reach and limit the value of anything it could obtain. Disable public network access on storage accounts, or set the network rule default action to Deny and reach the accounts through private endpoints. Disable shared key authorization where workloads can use Microsoft Entra ID, so that a listed or regenerated key is worthless. Restrict the listKeys and regenerateKey permissions to the few identities that genuinely need them, and enforce these settings with Azure Policy rather than by manual review. Network segmentation with NSGs still matters, but it constrains your own virtual networks, not the provider. A web application firewall filters traffic to your applications and does not sit in front of the Microsoft-operated provider, so it is not a mitigation for this SSRF.
Microsoft's guidance for the SSRF vulnerability in Azure Storage Resource Provider is published in its security advisory; consult it for details and for any action required on the customer side.
CVE-2025-29972 is a critical server-side request forgery vulnerability in Azure Storage Resource Provider, allowing attackers to spoof network requests and potentially access internal resources.
Any Azure tenant with storage accounts relied on the Azure Storage Resource Provider, so exposure before Microsoft's fix did not depend on a customer-side version; there is no version to check.
There is no customer-installable patch. Confirm in the MSRC advisory that Microsoft has mitigated the issue, then reduce your own exposure: disable public network access or default-deny with private endpoints, disable shared key authorization where possible, restrict listKeys permissions, and review the Activity Log for unexpected Microsoft.Storage operations.
While no active campaigns have been confirmed, the high severity of the vulnerability suggests a potential for exploitation, and proactive mitigation is recommended.
Refer to the official Microsoft Security Response Center (MSRC) advisory for detailed information and updates regarding CVE-2025-29972.