Popis
Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to spoof user interface, bypass security restrictions, gain privileges, obtain sensitive information.
Below is a complete list of vulnerabilities:
- A spoofing vulnerability in Azure IOT Explorer can be exploited remotely to spoof user interface.
- An elevation of privilege vulnerability in Azure MCP Server Tools can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Azure IoT Explorer can be exploited remotely to obtain sensitive information.
- An elevation of privilege vulnerability in Linux Azure Diagnostic extension (LAD) can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Arc Enabled Servers – Azure Connected Machine Agent can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Admin Center in Azure Portal can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Hybrid Worker Extension (Arc‑enabled Windows VMs) can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Microsoft Azure AD SSH Login extension for Linux can be exploited remotely to gain privileges.
Oficiální doporučení
- CVE-2026-26118
- CVE-2026-23662
- CVE-2026-23665
- CVE-2026-26117
- CVE-2026-23660
- CVE-2026-26141
- CVE-2026-23664
- CVE-2026-26148
- CVE-2026-23661
Související produkty
- Microsoft-Windows
- Microsoft-Azure
- Azure-Connected-Machine-Agent
- Arc-Enabled-Servers-Azure-Connected-Machine-Agent
seznam CVE
- CVE-2026-23660 critical
- CVE-2026-23661 critical
- CVE-2026-23662 critical
- CVE-2026-23664 critical
- CVE-2026-23665 critical
- CVE-2026-26117 critical
- CVE-2026-26118 critical
- CVE-2026-26121 critical
- CVE-2026-26141 critical
- CVE-2026-26148 critical
Zobrazit více
Zjistěte statistiky zranitelností šířících se ve vaší oblasti statistics.securelist.com
Našli jste v popisu této chyby zabezpečení nepřesnost? Dej nám vědět!