
Ethical Hacking News

Microsoft Patches Critical Vulnerabilities to Protect Against Privilege Escalation Attacks



Microsoft has released out-of-band updates for a vulnerability in ASP.NET Core's DataProtection stack that could allow an attacker to forge protected payloads, escalate privileges within an affected application and reach sensitive data. The flaw, tracked as CVE-2026-40372, carries a CVSS score of 9.1 out of 10.0; on Microsoft's own severity scale it is rated Important rather than Critical.

  • CVE-2026-40372 in ASP.NET Core lets an attacker escalate privileges, putting sensitive data at risk; it carries a CVSS score of 9.1 out of 10.0.
  • The vulnerability arises from improper verification of cryptographic signatures in ASP.NET Core, allowing unauthorized attackers to elevate privileges over a network.
  • Microsoft has released ASP.NET Core version 10.0.7 to address this vulnerability and reduce the risk of privilege escalation attacks.
  • Developers and organizations are urged to prioritize security updates and take proactive steps to ensure their applications remain secure.



    Microsoft has released out-of-band updates to address a security vulnerability in ASP.NET Core that could allow an attacker to escalate privileges, putting sensitive data at risk. The vulnerability, tracked as CVE-2026-40372, carries a CVSS score of 9.1 out of 10.0 and is rated Important in severity.

    According to Microsoft's Tuesday advisory, the vulnerability arises from improper verification of cryptographic signatures in ASP.NET Core, which allows an unauthorized attacker to elevate privileges over a network. If successfully exploited, an attacker could forge payloads that the application accepts as authentic, such as authentication cookies, and so act as a privileged user of the application, compromising its integrity and potentially accessing sensitive data.

    Microsoft emphasized that successful exploitation hinges on three prerequisites, all of which must hold:

    * The application uses Microsoft.AspNetCore.DataProtection 10.0.6 from NuGet (either directly or through a package that depends on it).
    * The NuGet copy of the library was actually loaded at runtime.
    * The application runs on Linux, macOS, or another non-Windows operating system.
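    To triage the first prerequisite across a fleet of deployed applications, the following is an added example (not Microsoft's code and not from the advisory) that parses an application's published *.deps.json, reports any NuGet copy of Microsoft.AspNetCore.DataProtection whose version falls in the 10.0.0-10.0.6 range the advisory names, and lists the packages that pull it in transitively. The deps.json excerpt is constructed for the example, and the MyApp and Some.Auth.Helper names in it are hypothetical.

```python
import json

# Added example, not Microsoft's or any project's code: static triage of a
# .NET app's *.deps.json for the NuGet copy of the DataProtection package.
PACKAGE = "Microsoft.AspNetCore.DataProtection"
AFFECTED_MIN, AFFECTED_MAX, FIXED = (10, 0, 0), (10, 0, 6), (10, 0, 7)

# Constructed deps.json excerpt. "MyApp" and "Some.Auth.Helper" are hypothetical;
# the real file carries more fields (hashes, paths) that are irrelevant here.
SAMPLE_DEPS_JSON = """{
  "runtimeTarget": {"name": ".NETCoreApp,Version=v10.0"},
  "targets": {
    ".NETCoreApp,Version=v10.0": {
      "MyApp/1.0.0": {
        "dependencies": {"Some.Auth.Helper": "2.1.0"},
        "runtime": {"MyApp.dll": {}}
      },
      "Some.Auth.Helper/2.1.0": {
        "dependencies": {"Microsoft.AspNetCore.DataProtection": "10.0.6"},
        "runtime": {"lib/net10.0/Some.Auth.Helper.dll": {}}
      },
      "Microsoft.AspNetCore.DataProtection/10.0.6": {
        "runtime": {"lib/net10.0/Microsoft.AspNetCore.DataProtection.dll": {}}
      }
    }
  },
  "libraries": {
    "MyApp/1.0.0": {"type": "project", "serviceable": false},
    "Some.Auth.Helper/2.1.0": {"type": "package", "serviceable": true},
    "Microsoft.AspNetCore.DataProtection/10.0.6": {"type": "package", "serviceable": true}
  }
}"""


def classify_version(version):
    """Place a NuGet package version against the advisory's affected/fixed range."""
    base, _, prerelease = version.partition("-")
    parts = tuple(int(p) for p in base.split("."))
    parts = parts + (0,) * (3 - len(parts))          # "10.0" -> (10, 0, 0)
    if prerelease:
        return "prerelease (check manually)"
    if AFFECTED_MIN <= parts <= AFFECTED_MAX:
        return "vulnerable"
    if parts >= FIXED:
        return "fixed"
    return "outside advisory range"


def audit_deps(deps_text):
    """Find NuGet copies of the DataProtection package and report who pulls them in."""
    deps = json.loads(deps_text)
    libraries = deps.get("libraries", {})
    findings = []
    for target_entries in deps.get("targets", {}).values():
        for name_version, _entry in target_entries.items():
            name, _, version = name_version.partition("/")
            if name != PACKAGE:
                continue
            # A "package" library is a NuGet copy. The shared-framework copy that
            # ships with Microsoft.AspNetCore.App does not appear as a package here.
            if libraries.get(name_version, {}).get("type") != "package":
                continue
            referenced_by = sorted(
                other for other, e in target_entries.items()
                if PACKAGE in e.get("dependencies", {})
            )
            findings.append({
                "version": version,
                "status": classify_version(version),
                "referenced_by": referenced_by,   # direct or transitive parents
            })
    return findings


if __name__ == "__main__":
    for finding in audit_deps(SAMPLE_DEPS_JSON):
        print(finding)
```

    This is a static indicator for the first prerequisite only. Whether the NuGet copy, rather than the shared framework's, is the one actually loaded in the running process (the second prerequisite) has to be confirmed at runtime, and the operating-system condition is checked separately.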

    To address this vulnerability, Microsoft has released ASP.NET Core 10.0.7, which fixes a regression in the Microsoft.AspNetCore.DataProtection 10.0.0-10.0.6 NuGet packages. In the affected versions the managed authenticated encryptor computes its HMAC validation tag over the wrong bytes of the payload and, in some cases, discards the computed hash altogether, so the tag no longer authenticates the data it is supposed to cover.

    As a result, an attacker could forge payloads that pass DataProtection's authenticity checks, as well as decrypt previously protected payloads in authentication cookies, antiforgery tokens and other protected data. Furthermore, if an attacker used forged payloads to authenticate as a privileged user during the vulnerable window, they may have induced the application to issue legitimately signed tokens (session refresh, API key, password reset link, etc.) to themselves.

    Those tokens remain valid after upgrading to 10.0.7 unless the DataProtection key ring is rotated.
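    The chain described above (forge a payload the broken verifier accepts, have the application mint a real token, and keep that token past the upgrade until the key is revoked) can be walked through in code. The following is an added example and not ASP.NET Core's DataProtection implementation: it models a DataProtection-style payload as key-id || IV || ciphertext || HMAC-SHA256 tag, substitutes an HMAC-based keystream for AES-CBC so that it runs on the Python standard library alone, and models the regression as the tag being computed over the header bytes only. The advisory says the wrong-bytes path is hit only in some cases; here the attacker's forged cookie is assumed to hit it, and the API key the application mints afterwards is assumed to take the correct path. The key ring, role strings and token contents are constructed for the example.

```python
import hashlib
import hmac
import secrets
import struct

# Added example, not ASP.NET Core's code. Simplified encrypt-then-MAC model of a
# DataProtection-style payload: key id || IV || ciphertext || HMAC-SHA256 tag.
# The cipher is an HMAC-based keystream standing in for AES-CBC.
KEY_ID_LEN, IV_LEN, TAG_LEN = 4, 16, 32
HEADER_LEN = KEY_ID_LEN + IV_LEN


class KeyRing:
    """Minimal stand-in for the DataProtection key ring: key id -> (enc key, mac key)."""

    def __init__(self):
        self.keys = {}
        self.default_id = 0

    def add_key(self):
        self.default_id += 1
        self.keys[self.default_id] = (secrets.token_bytes(32), secrets.token_bytes(32))
        return self.default_id

    def revoke(self, key_id):
        """Rotation in the advisory's sense: the old key can no longer validate anything."""
        self.keys.pop(key_id, None)


def _keystream(enc_key, iv, length):
    out = bytearray()
    for counter in range((length + 31) // 32):
        out += hmac.new(enc_key, iv + struct.pack(">I", counter), hashlib.sha256).digest()
    return bytes(out[:length])


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def _mac(mac_key, header, ciphertext, cover_ciphertext):
    # Correct behaviour: the tag binds header and ciphertext together.
    # Regressed behaviour (cover_ciphertext=False): tag computed over the wrong
    # bytes, here the header only, so the ciphertext is not authenticated at all.
    data = header + ciphertext if cover_ciphertext else header
    return hmac.new(mac_key, data, hashlib.sha256).digest()


def protect(ring, plaintext, cover_ciphertext=True):
    enc_key, mac_key = ring.keys[ring.default_id]
    iv = secrets.token_bytes(IV_LEN)
    header = struct.pack(">I", ring.default_id) + iv
    ciphertext = _xor(plaintext, _keystream(enc_key, iv, len(plaintext)))
    return header + ciphertext + _mac(mac_key, header, ciphertext, cover_ciphertext)


def unprotect(ring, payload, cover_ciphertext=True):
    """Return the plaintext, or None when the payload is rejected."""
    if len(payload) < HEADER_LEN + TAG_LEN:
        return None
    header, ciphertext, tag = payload[:HEADER_LEN], payload[HEADER_LEN:-TAG_LEN], payload[-TAG_LEN:]
    key_id = struct.unpack(">I", header[:KEY_ID_LEN])[0]
    if key_id not in ring.keys:                       # revoked or never existed
        return None
    enc_key, mac_key = ring.keys[key_id]
    if not hmac.compare_digest(_mac(mac_key, header, ciphertext, cover_ciphertext), tag):
        return None
    return _xor(ciphertext, _keystream(enc_key, header[KEY_ID_LEN:], len(ciphertext)))


def flip_plaintext(payload, known, desired):
    """Attacker step: with known plaintext, rewrite ciphertext bytes to decrypt to `desired`."""
    assert len(known) == len(desired)
    header, ciphertext, tag = payload[:HEADER_LEN], payload[HEADER_LEN:-TAG_LEN], payload[-TAG_LEN:]
    return header + _xor(ciphertext, _xor(known, desired)) + tag


def scenario():
    ring = KeyRing()
    window_key = ring.add_key()

    # 1. The vulnerable app issues a guest cookie whose tag does not cover the ciphertext;
    #    the attacker flips it to an admin cookie and the vulnerable verifier accepts it.
    guest_cookie = protect(ring, b"role=guest", cover_ciphertext=False)
    forged = flip_plaintext(guest_cookie, b"role=guest", b"role=admin")
    forged_vs_vulnerable = unprotect(ring, forged, cover_ciphertext=False)
    forged_vs_fixed = unprotect(ring, forged)

    # 2. As "admin", the attacker has the app mint a token on the correct path
    #    (the advisory's legitimately signed session refresh / API key / reset link).
    api_key = protect(ring, b"apikey-for-admin")
    api_key_after_upgrade = unprotect(ring, api_key)

    # 3. Upgrading changes the verifier, not the keys. Only revoking the key used in
    #    the window (rotating the key ring) invalidates what was issued under it.
    ring.add_key()
    ring.revoke(window_key)
    api_key_after_rotation = unprotect(ring, api_key)

    return {
        "forged_vs_vulnerable": forged_vs_vulnerable,
        "forged_vs_fixed": forged_vs_fixed,
        "api_key_after_upgrade": api_key_after_upgrade,
        "api_key_after_rotation": api_key_after_rotation,
    }


if __name__ == "__main__":
    for name, value in scenario().items():
        print(f"{name}: {value!r}")
```

    `unprotect` with the default `cover_ciphertext=True` behaves like the fixed package: the forged cookie is rejected, but the API key minted during the window is still accepted until `revoke` removes the key it was protected with, which is exactly why upgrading alone does not end the incident.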

    Upgrading therefore closes the forgery path but revokes nothing an attacker may already hold: remediation also means rotating the DataProtection key ring and invalidating the sessions, API keys and password reset links issued while the vulnerable package was in use.

    This development highlights the importance of regular patch management and keeping software up-to-date, as well as the need for robust security measures to protect against emerging threats. As a result, developers and organizations are urged to prioritize security updates and take proactive steps to ensure their applications remain secure.

    In addition to this vulnerability, other critical vulnerabilities have been identified across various platforms and systems, underscoring the need for comprehensive threat intelligence and validation when prioritizing exposures under CTEM (Continuous Threat Exposure Management). The impact of these vulnerabilities emphasizes the importance of staying informed about emerging threats and implementing robust security measures to mitigate risks.

    The hidden security risks associated with shadow AI in enterprises also underscore the necessity of addressing these issues proactively, as AI systems can pose significant security concerns if not properly secured.

    Lastly, Microsoft's release of updates for a SharePoint zero-day and 168 other new vulnerabilities serves as a reminder of the ongoing importance of staying informed about emerging threats and taking proactive steps to ensure system security.



    Related Information:
  • https://www.ethicalhackingnews.com/articles/Microsoft-Patches-Critical-Vulnerabilities-to-Protect-Against-Privilege-Escalation-Attacks-ehn.shtml

  • https://thehackernews.com/2026/04/microsoft-patches-critical-aspnet-core.html

  • https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-emergency-security-updates-for-critical-aspnet-flaw/

  • https://nvd.nist.gov/vuln/detail/CVE-2026-40372

  • https://www.cvedetails.com/cve/CVE-2026-40372/


  • Published: Wed Apr 22 08:57:37 2026 by llama3.2 3B Q4_K_M

    © Ethical Hacking News. All rights reserved.