Azure Connected Machine Agent

azure_connected_machine_agent

Vendor: Microsoft • 10 CVEs

CVEs (10)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2026-40381 1Microsoft 1Azure Connected Machine Agent May 18, 2026 May 12, 2026 N/A· v4 7.8 HIGH· v3 N/A· v2 Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally.
CVE-2026-21224 1Microsoft 1Azure Connected Machine Agent Jan 14, 2026 Jan 13, 2026 N/A· v4 7.8 HIGH· v3 N/A· v2 Stack-based buffer overflow in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally.
CVE-2025-58724 1Microsoft 1Azure Connected Machine Agent Oct 20, 2025 Oct 14, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally.
CVE-2025-47989 1Microsoft 1Azure Connected Machine Agent Oct 20, 2025 Oct 14, 2025 N/A· v4 7.0 HIGH· v3 N/A· v2 Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally.
CVE-2025-55316 1Microsoft 1Azure Connected Machine Agent Sep 12, 2025 Sep 9, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 External control of file name or path in Azure Arc allows an authorized attacker to elevate privileges locally.
CVE-2025-49692 1Microsoft 1Azure Connected Machine Agent Oct 1, 2025 Sep 9, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Improper access control in Azure Windows Virtual Machine Agent allows an authorized attacker to elevate privileges locally.
CVE-2024-38162 1Microsoft 1Azure Connected Machine Agent Aug 16, 2024 Aug 13, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Azure Connected Machine Agent Elevation of Privilege Vulnerability
CVE-2024-38098 1Microsoft 1Azure Connected Machine Agent Aug 16, 2024 Aug 13, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Azure Connected Machine Agent Elevation of Privilege Vulnerability
CVE-2024-21329 1Microsoft 1Azure Connected Machine Agent Nov 21, 2024 Feb 13, 2024 N/A· v4 7.3 HIGH· v3 N/A· v2 Azure Connected Machine Agent Elevation of Privilege Vulnerability
CVE-2023-35624 1Microsoft 1Azure Connected Machine Agent Nov 21, 2024 Dec 12, 2023 N/A· v4 7.3 HIGH· v3 N/A· v2 Azure Connected Machine Agent Elevation of Privilege Vulnerability