Azure Arc

azure_arc

Vendor: Microsoft • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2026-24302 1Microsoft 1Azure Arc Apr 10, 2026 Feb 5, 2026 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Improper access control in Azure Arc allows an unauthorized attacker to elevate privileges over a network.
CVE-2025-26627 1Microsoft 1Azure Arc Jan 20, 2026 Mar 11, 2025 N/A· v4 7.0 HIGH· v3 N/A· v2 Improper neutralization of special elements used in a command ('command injection') in Azure Arc allows an authorized attacker to elevate privileges locally.
CVE-2022-38007 1Microsoft 2Azure Arc Azure Guest Configuration Jan 2, 2025 Sep 13, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Azure Guest Configuration and Azure Arc-enabled servers Elevation of Privilege Vulnerability