CVE Catalog

CVE-2026-47647

CriticalCVSS 9.9
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.43%

34th percentile — higher than 34% of all known CVEs

Summary

Improper access control in Microsoft Dynamics 365 allows an authorized attacker to elevate privileges over a network.

Risk Assessment

An attacker with appropriate permissions may gain access to resources they should not have access to, potentially leading to serious security breaches.

Recommendation

It is recommended to review and strengthen access control mechanisms in Microsoft Dynamics 365 to prevent unauthorized privilege escalation.

Original NVD description (English source)

Improper access control in Microsoft Dynamics 365 allows an authorized attacker to elevate privileges over a network.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS