Azure Connected Machine Agent
CVE-2024-21329
HIGH
Severity by source
AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Primary rating from Vendor (microsoft) · only source for this CVE.
CVSS VectorVendor: microsoft
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionCVE.org
Azure Connected Machine Agent Elevation of Privilege Vulnerability
AnalysisAI
Azure Connected Machine Agent Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.
Technical ContextAI
This vulnerability is classified under CWE-59. Azure Connected Machine Agent Elevation of Privilege Vulnerability Affected products include: Microsoft Azure Connected Machine Agent.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
Local privilege escalation in Azure Connected Machine Agent exploits a stack-based buffer overflow, enabling authenticat
Azure Connected Machine Agent Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability i
Azure Connected Machine Agent Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability i
Azure Connected Machine Agent Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.3), this vulnerability i
External control of file name or path in Azure Arc allows an authorized attacker to elevate privileges locally. Rated hi
Improper access control in Azure Windows Virtual Machine Agent allows an authorized attacker to elevate privileges local
Same weakness CWE-59 – Improper Link Resolution Before File Access
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today