Azure Monitor Agent
by Microsoft
CVEs (13)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-32192 | Hig | 0.51 | 7.8 | 0.02 | Apr 14, 2026 | Deserialization of untrusted data in Azure Monitor Agent allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-32168 | Hig | 0.51 | 7.8 | 0.00 | Apr 14, 2026 | Improper input validation in Azure Monitor Agent allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-42830 | Med | 0.42 | 6.5 | 0.00 | May 12, 2026 | Untrusted search path in Azure Monitor Agent allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-62550 | 0.00 | — | 0.01 | Dec 9, 2025 | Out-of-bounds write in Azure Monitor Agent allows an authorized attacker to execute code over a network. | |||
| CVE-2025-59504 | 0.00 | — | 0.00 | Nov 11, 2025 | Heap-based buffer overflow in Azure Monitor Agent allows an unauthorized attacker to execute code locally. | |||
| CVE-2025-59285 | 0.00 | — | 0.01 | Oct 14, 2025 | Deserialization of untrusted data in Azure Monitor Agent allows an authorized attacker to elevate privileges locally. | |||
| CVE-2025-59494 | 0.00 | — | 0.01 | Oct 14, 2025 | Improper access control in Azure Monitor Agent allows an authorized attacker to elevate privileges locally. | |||
| CVE-2025-55321 | 0.00 | — | 0.00 | Oct 9, 2025 | Improper neutralization of input during web page generation ('cross-site scripting') in Azure Monitor allows an unauthorized attacker to perform spoofing over a network. | |||
| CVE-2025-47988 | 0.00 | — | 0.01 | Jul 8, 2025 | Improper control of generation of code ('code injection') in Azure Monitor Agent allows an unauthorized attacker to execute code over an adjacent network. | |||
| CVE-2024-38097 | 0.00 | — | 0.01 | Oct 8, 2024 | Azure Monitor Agent Elevation of Privilege Vulnerability | |||
| CVE-2024-35254 | 0.00 | — | 0.01 | Jun 11, 2024 | Azure Monitor Agent Elevation of Privilege Vulnerability | |||
| CVE-2024-30060 | 0.00 | — | 0.00 | May 16, 2024 | Azure Monitor Agent Elevation of Privilege Vulnerability | |||
| CVE-2024-29989 | 0.00 | — | 0.01 | Apr 9, 2024 | Azure Monitor Agent Elevation of Privilege Vulnerability |
- risk 0.51cvss 7.8epss 0.02
Deserialization of untrusted data in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.00
Improper input validation in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.
- risk 0.42cvss 6.5epss 0.00
Untrusted search path in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.
- CVE-2025-62550Dec 9, 2025risk 0.00cvss —epss 0.01
Out-of-bounds write in Azure Monitor Agent allows an authorized attacker to execute code over a network.
- CVE-2025-59504Nov 11, 2025risk 0.00cvss —epss 0.00
Heap-based buffer overflow in Azure Monitor Agent allows an unauthorized attacker to execute code locally.
- CVE-2025-59285Oct 14, 2025risk 0.00cvss —epss 0.01
Deserialization of untrusted data in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.
- CVE-2025-59494Oct 14, 2025risk 0.00cvss —epss 0.01
Improper access control in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.
- CVE-2025-55321Oct 9, 2025risk 0.00cvss —epss 0.00
Improper neutralization of input during web page generation ('cross-site scripting') in Azure Monitor allows an unauthorized attacker to perform spoofing over a network.
- CVE-2025-47988Jul 8, 2025risk 0.00cvss —epss 0.01
Improper control of generation of code ('code injection') in Azure Monitor Agent allows an unauthorized attacker to execute code over an adjacent network.
- CVE-2024-38097Oct 8, 2024risk 0.00cvss —epss 0.01
Azure Monitor Agent Elevation of Privilege Vulnerability
- CVE-2024-35254Jun 11, 2024risk 0.00cvss —epss 0.01
Azure Monitor Agent Elevation of Privilege Vulnerability
- CVE-2024-30060May 16, 2024risk 0.00cvss —epss 0.00
Azure Monitor Agent Elevation of Privilege Vulnerability
- CVE-2024-29989Apr 9, 2024risk 0.00cvss —epss 0.01
Azure Monitor Agent Elevation of Privilege Vulnerability