Primary

Context

Microsoft Azure Local Privilege Escalation Vulnerability

Vulnerability

Patched

A vulnerability allowing local privilege escalation has been identified in Azure Local. This issue arises from improper input validation, which could enable an authorized attacker to elevate privileges within the affected environment.

Impact

Exploitation of this vulnerability could allow an authorized attacker to load a non-Microsoft DLL into an enclave, potentially leading to code execution within the context of the target enclave.

Remediation

Security updates for this vulnerability are available for Windows 10 (both x64-based and 32-bit systems) as of April 9, 2025. For Azure Stack HCI, security updates are available for both the 23H2 and 22H2 versions.

Added: Sep 1, 2025, 7:22 PM

Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

2.5

exploitability

3.5

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

2.5

exploitability

3.5

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Microsoft Azure Local Privilege Escalation Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Microsoft Azure Stack HCI

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating