MSSQL and SCCM Elevation of Privilege Vulnerabilities

This post details the discovery and coordinated disclosure of two Microsoft privilege‑escalation vulnerabilities: CVE‑2025‑49758 in MSSQL (ALTER ANY LOGIN can reset passwords of securityadmin / IMPERSONATE ANY LOGIN principals to obtain sysadmin) and CVE‑2025‑47179 in Configuration Manager (CMPivot Administrator role granted excessive permissions enabling Full Administrator escalation); the author includes reproduction steps, BloodHound detection integration, remediation guidance, and timelines showing Microsoft released fixes.