Microsoft Configuration Manager
cpe:2.3:a:microsoft:system_center_configuration_manager:*:*:*:*:*:*:*
A vulnerability in Microsoft Configuration Manager has been identified, allowing authentication bypass by spoofing. This issue enables an authorized attacker to impersonate users over an adjacent network. The vulnerability arises because Active Directory user accounts with certain user principal names (UPNs) were not properly synchronized to Microsoft Entra ID, creating an opportunity for spoofing attacks.
Exploitation of this vulnerability could allow an attacker to gain unauthorized administrative control over Microsoft Configuration Manager and its managed clients.
Users can download the security update for Microsoft Configuration Manager versions 2409, 2503, or 2403 through the Microsoft Endpoint Configuration Manager update center.