94 matches found
Security Updates for Azure Connected Machine Agent < 1.64 (May 2026)
The Microsoft Azure Connected Machine Agent installation on the remote host is missing security updates. It is, therefore, affected by an elevation of privilege vulnerability: - Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally...
CVE-2026-40381
Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally...
CVE-2026-40381
Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally...
CVE-2026-40381
Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally...
CVE-2026-40381 Azure Connected Machine Agent Elevation of Privilege Vulnerability
...
CVE-2026-40381 Azure Connected Machine Agent Elevation of Privilege Vulnerability
...
CVE-2026-40381
CVE-2026-40381: Improper access control in the Azure Connected Machine Agent enables a locally authenticated attacker to elevate privileges. The vulnerability affects the Azure Connected Machine Agent; attacker must have local access and low privileges, with no user interaction required. The CVSS...
Azure Connected Machine Agent Elevation of Privilege Vulnerability
Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally...
KLA91034 Multiple vulnerabilities in Microsoft Azure
Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to spoof user interface, bypass security restrictions, gain privileges. Below is a complete list of vulnerabilities: 1. A spoofing vulnerability in Azure Machine Learning Notebook can be...
PT-2026-40210
Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally...
Microsoft Azure Connected Machine Agent 访问控制错误漏洞
Microsoft Azure Connected Machine Agent is a core component of Microsoft that connects non-Azure servers to the Azure console. There is an access control vulnerability present in Microsoft Azure Connected Machine Agent. Attackers can exploit this vulnerability to gain higher privileges...
CVE-2026-26117
CVE-2026-26117 concerns Arc Enabled Servers running the Azure Connected Machine Agent. The vulnerability is an Elevation of Privilege issue affecting the Azure Arc-enabled machine agent on Arc-enabled servers. According to the CVSS data, it is a local, low-complexity attack requiring LOW privileg...
CVE-2026-26117 Arc Enabled Servers - Azure Connected Machine Agent Elevation of Privilege Vulnerability
...
CVE-2026-26117 Arc Enabled Servers - Azure Connected Machine Agent Elevation of Privilege Vulnerability
...
Microsoft Azure Connected Machine Agent 安全漏洞
Microsoft Azure Connected Machine Agent is a core component of Microsoft that connects non-Azure servers to the Azure console. There is a security vulnerability present in Microsoft Azure Connected Machine Agent. Attackers can exploit this vulnerability to gain higher privileges...
February 10, 2026—KB5075971 (Monthly Rollup)
None None...
Vulnerabilities fixed in Microsoft Azure
Microsoft has fixed vulnerabilities in several Azure components. A malicious party can exploit the vulnerabilities to grant themselves elevated privileges to access sensitive data or execute code that the malicious party is not initially authorized to execute. For successful abuse, the malicious...
CVE-2026-21224 Azure Connected Machine Agent Elevation of Privilege Vulnerability
...
CVE-2026-21224
CVE-2026-21224 is a stack-based buffer overflow in the Microsoft Azure Connected Machine Agent that permits an authorized local attacker to elevate privileges on the host. The vulnerability is tied to the Azure Connected Machine Agent, with a CVSS v3.1 base score of 7.8 (HIGH) and LOCAL, LOW-Comp...
CVE-2026-21224 Azure Connected Machine Agent Elevation of Privilege Vulnerability
...