Azure Connected Machine Agent
by Azure
CVEs (4)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-40381 | Hig | 0.51 | 7.8 | 0.00 | May 12, 2026 | Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally. | |
| CVE-2026-21224 | 0.00 | — | 0.00 | Jan 13, 2026 | Stack-based buffer overflow in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-58724 | 0.00 | — | 0.00 | Oct 14, 2025 | Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-47989 | 0.00 | — | 0.00 | Oct 14, 2025 | Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally. |
- risk 0.51cvss 7.8epss 0.00
Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally.
- CVE-2026-21224Jan 13, 2026risk 0.00cvss —epss 0.00
Stack-based buffer overflow in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally.
- CVE-2025-58724Oct 14, 2025risk 0.00cvss —epss 0.00
Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally.
- CVE-2025-47989Oct 14, 2025risk 0.00cvss —epss 0.00
Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally.