Primary

Context

Microsoft Azure Monitor Agent Privilege Escalation Vulnerability

Vulnerability

Patched

A vulnerability allowing deserialization of untrusted data in Azure Monitor Agent has been identified. This issue enables an authorized attacker to locally elevate privileges. Successful exploitation could grant SYSTEM privileges to the attacker.

Impact

Exploitation of this vulnerability allows for unauthorized privilege escalation, with attackers gaining SYSTEM privileges.

Remediation

Users are advised to download the security update for Azure Monitor Agent. Instructions for managing the agent can be found in the Azure Monitor Agent Release Notes.

Added: Apr 14, 2026, 8:04 PM

Updated: Apr 14, 2026, 8:04 PM

Vulnerability Rating

Custom Algorithm

spread

5.4

impact

10.0

exploitability

2.7

remediation

7.7

relevance

6.0

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.4

impact

10.0

exploitability

2.7

remediation

7.7

relevance

6.0

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Microsoft Azure Monitor Agent Privilege Escalation Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Microsoft Azure Monitor Agent

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating