89 matches found
EUVD-2025-34318
Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally...
EUVD-2025-34431
Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally...
Vulnerabilities fixed in Microsoft Azure
Microsoft has fixed vulnerabilities in several Azure components. A malicious party could exploit the vulnerabilities to impersonate another user and potentially grant themselves elevated privileges, in order to gain access to sensitive data or execute arbitrary code with elevated privileges. The...
CVE-2025-47989
Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally...
CVE-2025-58724 Arc Enabled Servers - Azure Connected Machine Agent Elevation of Privilege Vulnerability
...
CVE-2025-58724
CVE-2025-58724 : Affects Azure Connected Machine Agent. Description confirms an improper access control flaw that enables an authorized local attacker to escalate privileges. CVSS v3.1/3.1 base score 7.8 (HIGH) with local, low complexity, and no user interaction requirements; impact on confidenti...
CVE-2025-47989
Azure Connected Machine Agent suffers an improper access control flaw that allows an authorized, locally situated attacker to elevate privileges. Affected component: Azure Connected Machine Agent; root cause is access-control misimplementation. Impact per CVSS indicates high confidentiality, inte...
PT-2025-41994
Name of the Vulnerable Software and Affected Versions Azure Connected Machine Agent affected versions not specified Description An improper access control issue exists in the Azure Connected Machine Agent. An attacker with local access can elevate privileges. This could lead to gaining...
KLA89270 Multiple vulnerabilities in Microsoft Azure
Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to gain privileges. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Azure Monitor Agent can be exploited remotely to gain privileges. 2. An elevatio...
PT-2025-42060
Name of the Vulnerable Software and Affected Versions Azure Connected Machine Agent affected versions not specified Description An improper access control issue exists in the Azure Connected Machine Agent. A successful exploit could allow a local attacker to gain elevated privileges...
Microsoft Azure Connected Machine Agent 访问控制错误漏洞
Microsoft Azure Connected Machine Agent is the ability of Microsoft Corporation USA to manage Windows and Linux computers hosted outside of Azure on a corporate network or other cloud provider. An access control error vulnerability exists in Microsoft Azure Connected Machine Agent, which stems fr...
Security Updates for Azure Connected Machine Agent < 1.56 (October 2025)
The Microsoft Azure Connected Machine Agent installation on the remote host is missing security updates. It is, therefore, affected by an elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. Note that Nessus has not tested for this issue but has instead...
EUVD-2024-37129
Malicious code in bioql PyPI...
EUVD-2025-27334
Malicious code in bioql PyPI...
EUVD-2024-19041
Malicious code in bioql PyPI...
Security Updates for Azure Connected Machine Agent < 1.49
The Microsoft Azure Connected Machine Agent installation on the remote host is missing security updates. It is, therefore, affected by an elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. Note that Nessus has not tested for this issue but has instead...
CVE-2025-49692
Improper access control in Azure Windows Virtual Machine Agent allows an authorized attacker to elevate privileges locally...
CVE-2025-49692 Azure Connected Machine Agent Elevation of Privilege Vulnerability
...
CVE-2025-49692 Azure Connected Machine Agent Elevation of Privilege Vulnerability
...
CVE-2025-49692
CVE-2025-49692 describes an elevation of privilege vulnerability in the Azure Connected Machine Agent (Azure Windows Virtual Machine Agent). The issue is due to improper access control, allowing an authorized attacker with local access and low user interaction to gain total impact (high confident...