Primary

Context

Microsoft Azure Monitor Agent Privilege Escalation Vulnerability

Vulnerability

Patched

A vulnerability allowing deserialization of untrusted data in Azure Monitor Agent has been identified. This issue enables an authorized attacker to locally elevate privileges. The vulnerability arises because the agent improperly handles untrusted data, which could be exploited by a local user with write access to the configuration directory, allowing them to create malicious files that the agent might process.

Impact

Exploitation of this vulnerability could allow a local user to gain elevated privileges, potentially leading to root access on the virtual machine.

Remediation

Users can download the security update for Azure Monitor Agent from the Microsoft Learn website. The vulnerability affects Azure Monitor Agent versions prior to 1.36.3.

Added: Oct 14, 2025, 6:00 PM

Updated: Oct 14, 2025, 8:28 PM

Vulnerability Rating

Custom Algorithm

spread

5.4

impact

10.0

exploitability

2.9

remediation

7.7

relevance

0.7

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.4

impact

10.0

exploitability

2.9

remediation

7.7

relevance

0.7

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Microsoft Azure Monitor Agent Privilege Escalation Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Microsoft Azure Monitor Agent

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating