CVE-2026-26117 Arc Enabled Servers - Azure Connected Machine Agent Elevation of Privilege Vulnerability

...

CVE-2026-26117 Arc Enabled Servers - Azure Connected Machine Agent Elevation of Privilege Vulnerability

...

CVE-2026-26117

CVE-2026-26117 concerns Arc Enabled Servers running the Azure Connected Machine Agent. The vulnerability is an Elevation of Privilege issue affecting the Azure Arc-enabled machine agent on Arc-enabled servers. According to the CVSS data, it is a local, low-complexity attack requiring LOW privileg...

Arc Enabled Servers - Azure Connected Machine Agent Elevation of Privilege Vulnerability

Authentication bypass using an alternate path or channel in Azure Windows Virtual Machine Agent allows an authorized attacker to elevate privileges locally...

KLA90924 Multiple vulnerabilities in Microsoft Azure

Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to spoof user interface, bypass security restrictions, gain privileges, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A spoofing vulnerability in Azure IOT...

CVE-2025-58724 Arc Enabled Servers - Azure Connected Machine Agent Elevation of Privilege Vulnerability

...

CVE-2025-58724

CVE-2025-58724 : Affects Azure Connected Machine Agent. Description confirms an improper access control flaw that enables an authorized local attacker to escalate privileges. CVSS v3.1/3.1 base score 7.8 (HIGH) with local, low complexity, and no user interaction requirements; impact on confidenti...

Arc Enabled Servers - Azure Connected Machine Agent Elevation of Privilege Vulnerability

Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally...

KLA89270 Multiple vulnerabilities in Microsoft Azure

Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to gain privileges. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Azure Monitor Agent can be exploited remotely to gain privileges. 2. An elevatio...

EUVD-2022-40614

Malicious code in bioql PyPI...

Privilege escalation

Azure Arc-Enabled Servers Elevation of Privilege Vulnerability...

CVE-2023-38176 Azure Arc-Enabled Servers Elevation of Privilege Vulnerability

...

PT-2023-26323 · Microsoft · Azure Arc-Enabled Servers

Name of the Vulnerable Software and Affected Versions: Azure Arc-Enabled Servers affected versions not specified Description: The issue is related to an elevation of privilege vulnerability. There is no information provided about the estimated number of potentially affected devices worldwide or...

CVE-2022-38007

Azure Guest Configuration and Azure Arc-enabled servers Elevation of Privilege Vulnerability...

CVE-2022-38007

Azure Guest Configuration and Azure Arc-enabled servers Elevation of Privilege Vulnerability...

CVE-2022-38007 Azure Guest Configuration and Azure Arc-enabled servers Elevation of Privilege Vulnerability

...

CVE-2022-38007

CVE-2022-38007 affects Azure Guest Configuration and Azure Arc-enabled servers. The vulnerability enables local elevation of privilege by potentially replacing Microsoft-shipped code used by the Guest Configuration daemon (and related GC Arc Service/Extension daemons) and executing it with higher...

PT-2022-5825 · Microsoft · Azure Arc +1

Name of the Vulnerable Software and Affected Versions: Azure Guest Configuration and Azure Arc-enabled servers affected versions not specified Description: The issue is related to insufficient access controls in the Azure Guest Configuration component, which is part of the Azure Policy service an...