Multiple vulnerabilities in Microsoft Azure

Описание

Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, bypass security restrictions, spoof user interface.

Below is a complete list of vulnerabilities:

1. An elevation of privilege vulnerability in Azure AI Foundry can be exploited remotely to gain privileges.
2. A remote code execution vulnerability in Azure Managed Instance for Apache Cassandra can be exploited remotely to execute arbitrary code.
3. A spoofing vulnerability in Microsoft Partner Center can be exploited remotely to spoof user interface.
4. A spoofing vulnerability in Azure Machine Learning Notebook can be exploited remotely to spoof user interface.
5. An elevation of privilege vulnerability in Azure Monitor Action Group Notification System can be exploited remotely to gain privileges.
6. A spoofing vulnerability in Microsoft Enterprise Security Token Service (ESTS) can be exploited remotely to spoof user interface.
7. A spoofing vulnerability in Azure Cloud Shell can be exploited remotely to spoof user interface.

Первичный источник обнаружения

• CVE-2026-35435
  CVE-2026-33844
  CVE-2026-34327
  CVE-2026-32207
  CVE-2026-41105
  CVE-2026-40379
  CVE-2026-35428
  CVE-2026-33109
  

Эксплуатация

Связанные продукты

• Microsoft-Azure
• Azure-Monitor

Список CVE

• CVE-2026-32207
  high
• CVE-2026-33109
  critical
• CVE-2026-33844
  critical
• CVE-2026-34327
  critical
• CVE-2026-35428
  critical
• CVE-2026-35435
  critical
• CVE-2026-41105
  critical
• CVE-2026-40379
  critical

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com