CVE-2025-30387: CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Microsoft Azure AI Document Intelligence Studio
Improper limitation of a pathname to a restricted directory ('path traversal') in Azure allows an unauthorized attacker to elevate privileges over a network.
AI Analysis
Technical Summary
CVE-2025-30387 is a critical security vulnerability identified in Microsoft Azure AI Document Intelligence Studio version 1.0.0. The flaw is classified under CWE-22, which pertains to improper limitation of a pathname to a restricted directory, commonly known as a path traversal vulnerability. This vulnerability allows an unauthenticated attacker to craft specially designed requests that manipulate file path parameters, bypassing directory restrictions imposed by the application. As a result, the attacker can access or modify files outside the intended directory scope, potentially leading to privilege escalation and unauthorized control over the system. The vulnerability is exploitable remotely over the network without requiring any user interaction or prior authentication, making it highly dangerous. The CVSS v3.1 base score is 9.8, reflecting critical severity with high impact on confidentiality, integrity, and availability. Although no public exploits have been reported yet, the vulnerability’s nature and ease of exploitation make it a prime target for attackers once exploit code becomes available. The vulnerability was reserved in March 2025 and published in May 2025, indicating recent discovery and disclosure. The lack of available patches at the time of reporting underscores the urgency for organizations to implement interim mitigations and monitor for suspicious activity. Given the product’s role in processing sensitive AI-driven document intelligence tasks within Azure, exploitation could lead to exposure or tampering of sensitive data, disruption of AI workflows, and potential lateral movement within cloud environments.
Potential Impact
For European organizations, the impact of CVE-2025-30387 is significant due to the widespread adoption of Microsoft Azure cloud services and increasing reliance on AI-powered document processing. Successful exploitation could result in unauthorized access to sensitive documents, intellectual property theft, and disruption of critical AI services. This could undermine compliance with stringent European data protection regulations such as GDPR, leading to legal and financial repercussions. Additionally, the compromise of AI document intelligence workflows could affect sectors like finance, healthcare, and government, where document integrity and confidentiality are paramount. The ability to escalate privileges without authentication increases the risk of broader cloud environment compromise, potentially affecting multiple tenants in shared infrastructure. The high severity and network-based exploitation vector mean attackers can launch attacks remotely, increasing the threat surface for European enterprises. The absence of known exploits currently provides a window for proactive defense, but the critical nature demands immediate attention to prevent future attacks.
Mitigation Recommendations
Until an official patch is released by Microsoft, European organizations should implement several specific mitigations:
1) Employ strict input validation and sanitization on all user-supplied file path parameters to prevent path traversal attempts.
2) Restrict permissions on directories and files accessed by Azure AI Document Intelligence Studio to the minimum necessary, enforcing the principle of least privilege.
3) Use Azure’s built-in network segmentation and firewall capabilities to limit access to the AI Document Intelligence Studio service from trusted IP ranges only.
4) Monitor logs and alerts for unusual file access patterns or attempts to access restricted directories.
5) Implement application-layer security controls such as Web Application Firewalls (WAFs) with custom rules to detect and block path traversal payloads.
6) Prepare for rapid deployment of patches by maintaining an up-to-date asset inventory and testing environment.
7) Educate security teams on the specifics of this vulnerability to enhance incident response readiness.
8) Consider isolating critical AI workloads in dedicated Azure subscriptions or resource groups to limit blast radius in case of compromise.
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Italy
Technical Details
- Data Version: 5.1
- Assigner Short Name: microsoft
- Date Reserved: 2025-03-21T19:09:29.815Z
- CISA Enriched: true
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 682cd0f91484d88663aeb9fa
Added to database: 5/20/2025, 6:59:05 PM
Last enriched: 2/14/2026, 9:47:14 AM
Last updated: 3/21/2026, 6:27:21 PM