CVE-2024-49035 - PatchNow

Data Source: CIRCL

Confidence: HIGH

Exploitation Method: DIRECT_NETWORK

CVE Published: 2024-11-26

Added to CISA KEV: 2025-02-25 91 DAYS BETWEEN CVE AND KEV

CRITICAL: Check for indicators of compromise - this vulnerability is in CISA KEV indicating active exploitation in the wild. Review Partner Center access logs, check for unauthorized account access or privilege changes, verify all partner account configurations and permissions
This is a Microsoft-hosted service so patching is handled by Microsoft - verify the vulnerability has been addressed by monitoring Microsoft Security Response Center updates
Monitor Partner Center accounts for unauthorized access, privilege escalation, or configuration changes
Review and audit all Partner Center user accounts and permissions immediately
Implement additional monitoring for Partner Center administrative actions and account modifications

CVE-2024-49035 is an improper access control vulnerability affecting the Microsoft Partner Center (`Partner.Microsoft.com`) ^[2].

Below is a summary of the known details regarding this vulnerability:

Impact: The vulnerability allows an unauthenticated attacker to elevate privileges over a network ^[2].
Attack Method: It is a network-based attack that does not require authentication or user interaction to exploit ^[3].

Active Exploitation: This vulnerability has been confirmed as being actively exploited in the wild. It was added to the Cybersecurity and Infrastructure Security Agency (CISA) Known Exploited Vulnerabilities (KEV) Catalog due to evidence of such activity ^[1].
Targeted Attacks/Ransomware: While it is confirmed to be exploited in the wild, specific details regarding its use in ransomware campaigns or specific targeted threat actor groups are not publicly detailed in standard vulnerability databases.

Proof-of-Concept (PoC): There is no widely available public information detailing specific proof-of-concept exploit code or tools for this vulnerability ^[1].
Affected Versions and Patch Status: The vulnerability affects the Microsoft Partner Center. Because this is a hosted service managed by Microsoft, remediation is typically handled on the server side by the vendor. Users of the service should follow guidance provided by Microsoft's Security Response Center (MSRC) regarding any necessary actions or updates ^[1].

CVE-2024-49035 - Exploits & Severity
An improper access control vulnerability in Partner.Microsoft.com that allows an unauthenticated attacker to elevate privileges over a network. ... CVE-2024-49035 is an improper access control vulnerability in the Microsoft Partner Center, which has been added to CISA's Known Exploited Vulnerabiliti…
CVE-2024-49035 Detail - NVD
An improper access control vulnerability in Partner.Microsoft.com allows an a unauthenticated attacker to elevate privileges over a network. ... An official website of the United States government Here's how you know ... Vulnerabilities. CVE-2024-49035 Detail. Exclusively Hosted Service.An improper…
An improper access control vulnerability in Partner... · CVE- ...
An improper access control vulnerability in Partner.Microsoft.com allows an a unauthenticated attacker to elevate privileges over a network. ... High severity Unreviewed Published on Nov 26, 2024 to the GitHub Advisory Database • Updated on Oct 21, 2025 ... CVSS v3 base metrics. Attack vector: More…

🔴 CVE-2024-49035