Azure Monitor
Monthly
Path traversal in Azure Monitor Agent enables low-privileged local attackers to escalate to SYSTEM/root privileges via malicious file path manipulation. Microsoft has released security patches. Attack vector is local (AV:L) with low complexity (AC:L), requiring only basic local credentials (PR:L) but no user interaction. EPSS exploitation probability is 0.04% (4th percentile), indicating low likelihood of mass exploitation, though the attack is straightforward once local access is obtained.
Azure Monitor Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Path traversal in Azure Monitor Agent enables low-privileged local attackers to escalate to SYSTEM/root privileges via malicious file path manipulation. Microsoft has released security patches. Attack vector is local (AV:L) with low complexity (AC:L), requiring only basic local credentials (PR:L) but no user interaction. EPSS exploitation probability is 0.04% (4th percentile), indicating low likelihood of mass exploitation, though the attack is straightforward once local access is obtained.
Azure Monitor Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.