PT-2026-40227 · Microsoft · Dynamics 365 Business Central

Nhien Pham

+1

·

Published

2026-05-12

·

Updated

2026-06-03

·

CVE-2026-40417

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Microsoft Dynamics 365 Business Central (affected versions not specified)
Description Weak authentication procedures allow an authorized attacker to elevate privileges locally.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-1390

Related Identifiers

BDU:2026-06798
CVE-2026-40417

Affected Products

Dynamics 365 Business Central