Azure Monitor Agent Metrics Extension
Monthly
Privilege escalation in Microsoft's Azure Monitor Agent (specifically the Metrics Extension) lets an unauthenticated attacker on an adjacent network gain elevated privileges by exploiting improper TLS certificate validation (CWE-295). Because the agent fails to properly verify the certificate of the endpoint it communicates with, an attacker positioned on the same broadcast/logical network segment can impersonate a trusted server and hijack the agent's privileged context, yielding high confidentiality, integrity, and availability impact. Microsoft rates it CVSS 8.8; there is currently no public exploit identified at time of analysis and it is not listed in CISA KEV.
Privilege escalation in Microsoft's Azure Monitor Agent (specifically the Metrics Extension) lets an unauthenticated attacker on an adjacent network gain elevated privileges by exploiting improper TLS certificate validation (CWE-295). Because the agent fails to properly verify the certificate of the endpoint it communicates with, an attacker positioned on the same broadcast/logical network segment can impersonate a trusted server and hijack the agent's privileged context, yielding high confidentiality, integrity, and availability impact. Microsoft rates it CVSS 8.8; there is currently no public exploit identified at time of analysis and it is not listed in CISA KEV.