CVE-2026-40417

High

Weak authentication in Dynamics Business Central allows an authorized attacker to elevate privileges locally.

secure@microsoft.com·CWE-1390·Published 2026-05-12

CVSS

7.8

EPSS

0.00

KEV

Exploits

cve.orgen

109 chars

Weak authentication in Dynamics Business Central allows an authorized attacker to elevate privileges locally.

NVDen

109 chars

Weak authentication in Dynamics Business Central allows an authorized attacker to elevate privileges locally.

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	NVD	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
3.1	Primary	cve.org	7.8	—	—	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C