49 matches found
CVE-2026-26141 Hybrid Worker Extension (Arc‑enabled Windows VMs) Elevation of Privilege Vulnerability
...
CVE-2026-26141 Hybrid Worker Extension (Arc‑enabled Windows VMs) Elevation of Privilege Vulnerability
...
CVE-2026-26141
CVE-2026-26141 corresponds to an Elevation of Privilege in the Hybrid Worker Extension (Arc-enabled Windows VMs) of Azure Arc, caused by improper authentication that could let an authorized attacker escalate privileges locally. The CVE entry notes a HIGH base score (CVSS 3.1: 7.8, LOCAL, LOW user...
CVE-2026-26117 Arc Enabled Servers - Azure Connected Machine Agent Elevation of Privilege Vulnerability
...
CVE-2026-26117 Arc Enabled Servers - Azure Connected Machine Agent Elevation of Privilege Vulnerability
...
CVE-2026-26117
CVE-2026-26117 concerns Arc Enabled Servers running the Azure Connected Machine Agent. The vulnerability is an Elevation of Privilege issue affecting the Azure Arc-enabled machine agent on Arc-enabled servers. According to the CVSS data, it is a local, low-complexity attack requiring LOW privileg...
Hybrid Worker Extension (Arc‑enabled Windows VMs) Elevation of Privilege Vulnerability
Improper authentication in Azure Arc allows an authorized attacker to elevate privileges locally...
Arc Enabled Servers - Azure Connected Machine Agent Elevation of Privilege Vulnerability
Authentication bypass using an alternate path or channel in Azure Windows Virtual Machine Agent allows an authorized attacker to elevate privileges locally...
KLA90924 Multiple vulnerabilities in Microsoft Azure
Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to spoof user interface, bypass security restrictions, gain privileges, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A spoofing vulnerability in Azure IOT...
CVE-2025-58724 Arc Enabled Servers - Azure Connected Machine Agent Elevation of Privilege Vulnerability
...
CVE-2025-58724
CVE-2025-58724 : Affects Azure Connected Machine Agent. Description confirms an improper access control flaw that enables an authorized local attacker to escalate privileges. CVSS v3.1/3.1 base score 7.8 (HIGH) with local, low complexity, and no user interaction requirements; impact on confidenti...
Arc Enabled Servers - Azure Connected Machine Agent Elevation of Privilege Vulnerability
Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally...
KLA89270 Multiple vulnerabilities in Microsoft Azure
Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to gain privileges. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Azure Monitor Agent can be exploited remotely to gain privileges. 2. An elevatio...
EUVD-2022-40614
Malicious code in bioql PyPI...
May 13, 2025—KB5058403 (Monthly Rollup)
May 13, 2025—KB5058403 Monthly Rollup Important The installation of this Extended Security Update ESU might fail when you try to install it on an Azure Arc-enabled device that is running Windows Server 2012 R2. For a successful installation, please make sure all Subset of endpoints for ESU only a...
March 11, 2025—KB5053887 (Monthly Rollup)
March 11, 2025—KB5053887 Monthly Rollup Important The installation of this Extended Security Update ESU might fail when you try to install it on an Azure Arc-enabled device that is running Windows Server 2012 R2. For a successful installation, please make sure all Subset of endpoints for ESU only...
February 11, 2025—KB5052042 (Monthly Rollup)
February 11, 2025—KB5052042 Monthly Rollup Important The installation of this Extended Security Update ESU might fail when you try to install it on an Azure Arc-enabled device that is running Windows Server 2012 R2. For a successful installation, please make sure all Subset of endpoints for ESU...
October 8, 2024—KB5044343 (Monthly Rollup)
October 8, 2024—KB5044343 Monthly Rollup Important The installation of this Extended Security Update ESU might fail when you try to install it on an Azure Arc-enabled device that is running Windows Server 2012 R2. For a successful installation, please make sure all Subset of endpoints for ESU onl...
September 10, 2024—KB5043138 (Monthly Rollup)
September 10, 2024—KB5043138 Monthly Rollup Important The installation of this Extended Security Update ESU might fail when you try to install it on an Azure Arc-enabled device that is running Windows Server 2012 R2. For a successful installation, please make sure all Subset of endpoints for ESU...
August 13, 2024—KB5041851 (Monthly Rollup)
August 13, 2024—KB5041851 Monthly Rollup Important The installation of this Extended Security Update ESU might fail when you try to install it on an Azure Arc-enabled device that is running Windows Server 2012. For a successful installation, please make sure all Subset of endpoints for ESU only a...