CVE-2025-30387: Document Intelligence Studio On-Prem Elevation of Privilege Vulnerability

Overview

Severity

Critical (CVSS 9.8)

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Category

Elevation of Privilege

Exploit Status

Not Exploited

Exploitation Likelihood

Unlikely

Patch Tuesday

2025-May

Released

2025-05-13

EPSS Score

2.78% (percentile: 86.1%)

Description

Improper limitation of a pathname to a restricted directory ('path traversal') in Azure allows an unauthorized attacker to elevate privileges over a network.

FAQ

What actions does a valid user have to take to be protected against this vulnerability? Update the image to the latest tag. User data and setting will not be affected by upgrading to the latest tag. How could an attacker exploit this vulnerability? An attacker could exploit this vulnerability by bypassing authentication/authorization to access files located one directory above the intended file upload path. What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker who successfully exploited this vulnerability could potentially download the content of parent folder of the mounted path.

Affected Products (1)

Azure

• Azure AI Document Intelligence Studio

Security Updates (1)

• Release Notes

Acknowledgments

<a href="https://twitter.com/yanir_">Yanir Tsarimi</a>

Revision History

• 2025-05-13: Information published.