Dynamics OmniChannel SDK Storage Containers Elevation of Privilege Vulnerability CVE ID: CVE-2025-64655 Release Date: Nov 20, 2025 Severity: Critical CVSS Score: 8.8 / 7.7 Impact Elevation of Privilege Weakness CWE-285: Improper Authorization Details CVSS Vector String: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Base Score Metrics - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: Required - Scope: Unchanged - Confidentiality: High - Integrity: High - Availability: High Summary The vulnerability documented by this CVE requires no customer action to resolve. The maximum severity is critical, with a high impact on confidentiality, integrity, and availability. The vulnerability is related to improper authorization.