13 matches found
CVE-2024-29989
CVE-2024-29989 is an Azure Monitor Agent elevation-of-privilege vulnerability. Connected sources confirm affected product (Azure Monitor Agent), vulnerability class (elevation of privilege), and CVSSv3.1 base score 8.4 with LOCAL/LOW-complexity access, LOW privileges required, user interaction No...
CVE-2024-30060
The connected PT-2024-3939 advisory identifies Microsoft Azure Monitor Agent as affected. Root cause is an incorrect reference count before accessing a file, enabling privilege escalation via a specially crafted link. Affected versions are not specified, and there is no information about a fix in...
CVE-2024-38097
CVE-2024-38097 affects Microsoft Azure Monitor Agent. The vulnerability is an elevation of privilege in the Monitor Agent component, enabling local attacker with Low privileges and no user interaction to gain HIGH integrity and Privilege escalation on affected systems (local vector). Root cause d...
CVE-2024-35254
CVE-2024-35254 is an Elevation of Privilege vulnerability in the Azure Monitor Agent . The CVSSv3.1 base score is 7.1 ( HIGH ), with a LOCAL attack vector, LOW attack complexity, LOW privileges required, and NO user interaction. The impact is Integrity: HIGH and Availability: HIGH ; Confidentiali...
CVE-2025-47988
Azure Monitor Agent (Microsoft) is vulnerable to CVE-2025-47988 due to improper control of code generation, enabling remote code execution over an adjacent network. Connected sources confirm affected versions are older than 1.35.1 and describe the issue as remote code execution via code injection...
CVE-2025-59285
Azure Monitor Agent (Microsoft) is affected by CVE-2025-59285: deserialization of untrusted data can allow an authorized attacker to elevate privileges locally. The issue targets the Azure Monitor Agent component and is documented across multiple sources, including MSRC updates and NVD entries. T...
CVE-2026-42830
The CVE-2026-42830 entry concerns the Azure Monitor Agent Metrics Extension, where an untrusted search path leads to local privilege elevation for an authorized attacker. Reported impact is Privilege Escalation with High integrity impact, from the Azure Monitor Agent; CVSS 3.1 base score 6.5 (Loc...
CVE-2025-59504
CVE-2025-59504 is a heap-based buffer overflow vulnerability in Microsoft’s Azure Monitor Agent. Connected sources identify the affected component as the Azure Monitor Agent (Windows), with exploitation possible when running versions prior to 1.37.1. The underlying issue is a heap-based buffer ov...
CVE-2025-59494
CVE-2025-59494 corresponds to an elevation-of-privilege vulnerability in Microsoft Azure Monitor Agent (Azure Monitor Agent). The issue is described as improper access control that allows an authorized local attacker to elevate privileges. CVSS v3.1 base score 7.8 (High), with LOCAL attack, low a...
CVE-2026-32168
CVE-2026-32168 concerns the Azure Monitor Agent. The connected sources confirm an elevated-privilege vulnerability caused by improper input validation, enabling an authorized attacker to obtain higher privileges locally. Affected components explicitly named include Azure Monitor Agent (and relate...
CVE-2025-62550
The CVE-2025-62550 entry concerns Microsoft Azure Monitor Agent. Affected component: Azure Monitor Agent; vulnerability type: out-of-bounds write that enables remote code execution when exploited over a network by an authorized attacker. A connected Nessus plugin notes versions prior to 1.35.9 ar...
CVE-2026-32192
Azure Monitor Agent is affected by a Deserialization of untrusted data vulnerability (CVE-2026-32192) that allows an authorized attacker to elevate privileges locally. Public sources describe the issue as an elevation of privilege in Azure Monitor Agent, linked to improper input validation during...
CVE-2026-32204
Azure Monitor Agent is affected by CVE-2026-32204. The vulnerability involves external control of a file name or path in the agent, enabling an authorized, local attacker to elevate privileges. The CVE has a high impact (C:H, I:H, A:H) with local attack vector and low attack complexity, requiring...