49 matches found
CVE-2026-26141 Hybrid Worker Extension (Arc‑enabled Windows VMs) Elevation of Privilege Vulnerability
...
CVE-2026-26141 Hybrid Worker Extension (Arc‑enabled Windows VMs) Elevation of Privilege Vulnerability
...
CVE-2026-26141
CVE-2026-26141 corresponds to an Elevation of Privilege in the Hybrid Worker Extension (Arc-enabled Windows VMs) of Azure Arc, caused by improper authentication that could let an authorized attacker escalate privileges locally. The CVE entry notes a HIGH base score (CVSS 3.1: 7.8, LOCAL, LOW user...
CVE-2026-26117 Arc Enabled Servers - Azure Connected Machine Agent Elevation of Privilege Vulnerability
...
CVE-2026-26117 Arc Enabled Servers - Azure Connected Machine Agent Elevation of Privilege Vulnerability
...
CVE-2026-26117
CVE-2026-26117 concerns Arc Enabled Servers running the Azure Connected Machine Agent. The vulnerability is an Elevation of Privilege issue affecting the Azure Arc-enabled machine agent on Arc-enabled servers. According to the CVSS data, it is a local, low-complexity attack requiring LOW privileg...
Hybrid Worker Extension (Arc‑enabled Windows VMs) Elevation of Privilege Vulnerability
Improper authentication in Azure Arc allows an authorized attacker to elevate privileges locally...
Arc Enabled Servers - Azure Connected Machine Agent Elevation of Privilege Vulnerability
Authentication bypass using an alternate path or channel in Azure Windows Virtual Machine Agent allows an authorized attacker to elevate privileges locally...
KLA90924 Multiple vulnerabilities in Microsoft Azure
Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to spoof user interface, bypass security restrictions, gain privileges, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A spoofing vulnerability in Azure IOT...
CVE-2025-58724
CVE-2025-58724 : Affects Azure Connected Machine Agent. Description confirms an improper access control flaw that enables an authorized local attacker to escalate privileges. CVSS v3.1/3.1 base score 7.8 (HIGH) with local, low complexity, and no user interaction requirements; impact on confidenti...
CVE-2025-58724 Arc Enabled Servers - Azure Connected Machine Agent Elevation of Privilege Vulnerability
...
Arc Enabled Servers - Azure Connected Machine Agent Elevation of Privilege Vulnerability
Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally...
KLA89270 Multiple vulnerabilities in Microsoft Azure
Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to gain privileges. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Azure Monitor Agent can be exploited remotely to gain privileges. 2. An elevatio...
EUVD-2022-40614
Malicious code in bioql PyPI...
May 13, 2025—KB5058403 (Monthly Rollup)
None None...
March 11, 2025—KB5053887 (Monthly Rollup)
None None...
February 11, 2025—KB5052042 (Monthly Rollup)
None None...
October 8, 2024—KB5044343 (Monthly Rollup)
None None...
September 10, 2024—KB5043138 (Monthly Rollup)
None None...
August 13, 2024—KB5041828 (Monthly Rollup)
None None...