Primary

Context

Microsoft Azure IoT SDK Information Disclosure Vulnerability

Vulnerability

A vulnerability in the Azure IoT SDK allows unauthorized attackers to disclose information over a network by binding to an unrestricted IP address. This could potentially expose contents of the user's local file system, folders, or cloud access credentials associated with the system.

Impact

Successful exploitation could lead to unauthorized access to sensitive information, including local file system contents, folders, or cloud access credentials.

Remediation

Users can download the security update for Azure IoT Explorer, version 0.15.13, from the GitHub release page. The source code is also available in zip and tar.gz formats.

Added: Feb 10, 2026, 6:28 PM

Updated: Feb 11, 2026, 1:45 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

3.1

exploitability

7.0

remediation

0.0

relevance

2.7

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

3.1

exploitability

7.0

remediation

0.0

relevance

2.7

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Microsoft Azure IoT SDK Information Disclosure Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating