Microsoft Azure Connected Machine Agent
cpe:2.3:a:microsoft:azure_connected_machine_agent:*:*:*:*:*:*:*
An improper access control vulnerability has been identified in Azure Connected Machine Agent. It enables an authorized attacker to elevate privileges locally. Because access control is inadequate, an attacker with existing access can interfere with the local service ports used by ArcProxy. By sending specially crafted authentication data, the attacker can manipulate the service into accessing and returning files normally restricted to higher-privileged system accounts, potentially exposing sensitive information.
Exploitation of this vulnerability could lead to unauthorized privilege escalation, allowing an attacker to gain access to resources or information reserved for more privileged users or system accounts.
Users are advised to update to version 1.63 of the Azure Connected Machine Agent. The security update is available for download via the Microsoft Update Catalog for Windows users and through the Azure CLI for Linux users.
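To triage which hosts still need the update, the reported agent version can be compared field by field against the fixed release 1.63. The script below is an added example, not Microsoft's tooling: the inventory lines are constructed, the function names are hypothetical, and the banner text shown for `azcmagent version` is an assumed output format.

```shell
#!/bin/sh
# Fixed release named in the advisory above.
FIXED_VERSION="1.63"

# Pull the first dotted-numeric token out of a string, so both a bare
# "1.63.0" and a longer banner line containing a version are accepted.
extract_version() {
    printf '%s\n' "$1" | grep -Eo '[0-9]+(\.[0-9]+)+' | head -n 1
}

# Return 0 when $1 >= $2, comparing dot-separated fields as integers.
# A string compare would wrongly rank 1.9 above 1.63.
version_ge() {
    _a=$1; _b=$2
    while [ -n "$_a" ] || [ -n "$_b" ]; do
        _x=${_a%%.*}; _y=${_b%%.*}
        case $_a in *.*) _a=${_a#*.} ;; *) _a= ;; esac
        case $_b in *.*) _b=${_b#*.} ;; *) _b= ;; esac
        # Drop leading zeros (avoids octal parsing); a missing field is 0.
        _x=${_x#"${_x%%[!0]*}"}; _y=${_y#"${_y%%[!0]*}"}
        [ "${_x:-0}" -gt "${_y:-0}" ] && return 0
        [ "${_x:-0}" -lt "${_y:-0}" ] && return 1
    done
    return 0
}

# Classify one reported agent version string.
check_agent() {
    _v=$(extract_version "$1")
    if [ -z "$_v" ]; then
        echo "UNKNOWN"
    elif version_ge "$_v" "$FIXED_VERSION"; then
        echo "PATCHED"
    else
        echo "VULNERABLE"
    fi
}

# Constructed sample inventory: hostname, then the version text it reported.
while read -r host reported; do
    printf '%-8s %s\n' "$host" "$(check_agent "$reported")"
done <<'EOF'
web01 azcmagent version 1.62.02900.1
db01 1.63.0
app01 1.9.1
edge01 1.100.5
lab01 not installed
EOF
```

Hosts reported as UNKNOWN returned no parseable version and should be checked by hand rather than assumed patched.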