Microsoft Rejects Critical Azure Backup Vulnerability Report Amid Claims of Silent Patching
Microsoft has declined to issue a CVE for a critical privilege escalation vulnerability in Azure Backup for AKS, despite independent validation by CERT/CC and evidence suggesting the company silently patched the flaw.

Security researcher Justin O'Leary has documented a critical privilege escalation vulnerability in Azure Backup for AKS that Microsoft has officially declined to acknowledge or assign a CVE identifier. The flaw, which O'Leary identified in March 2026, reportedly allowed a user holding only the low-privileged "Backup Contributor" role to gain cluster-admin access to Kubernetes clusters (BleepingComputer).
The vulnerability is categorized as a Confused Deputy issue (CWE-441). According to O'Leary, Azure Backup for AKS uses "Trusted Access" to grant the backup extension administrative privileges inside a cluster. The flaw allowed an attacker to trigger that Trusted Access relationship without holding any prior Kubernetes permissions: by enabling backup on a target cluster, an attacker could make Azure configure Trusted Access with cluster-admin rights automatically, and then use the resulting access to extract sensitive secrets or deploy malicious workloads (BleepingComputer).
Microsoft's Security Response Center (MSRC) rejected the initial report, arguing that the scenario required the attacker to already hold administrative access in the customer's environment. O'Leary disputes this, stating that the vulnerability grants cluster-admin access to users who previously had none. Although the CERT Coordination Center (CERT/CC) independently validated the flaw and assigned it tracking identifier VU#284781, the case was eventually closed under CNA hierarchy rules, which leave Microsoft, as the CNA for its own products, with the final authority to decline a CVE (BleepingComputer).
Despite Microsoft's insistence that "no product changes were made" and that the behavior was "expected," O'Leary has observed that the original attack path no longer works. Since his disclosure, attempts to reproduce the exploit return errors such as UserErrorTrustedAccessGatewayReturnedForbidden, which suggests that the service now requires Trusted Access to be configured manually rather than granting it automatically when backup is enabled. O'Leary reads this as evidence of a silent patch, at odds with the company's public stance (BleepingComputer).
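The practical takeaway from the mechanism described above, and from the observation that Trusted Access now has to be configured by hand, is that cluster owners should know exactly which backup vaults hold a Trusted Access binding into each AKS cluster. The script below is an added example written for this page; it is not code from the article, from O'Leary's research, or from Microsoft. It audits the output of `az aks trustedaccess rolebinding list --cluster-name <cluster> --resource-group <rg>` and flags any binding that grants the Azure Backup Trusted Access role from a source outside an allow-list. The JSON field names (`name`, `roles`, `sourceResourceId`), the role string `Microsoft.DataProtection/backupVaults/backup-operator`, and the sample bindings are assumptions constructed for illustration; check the field names against your own CLI output before relying on them.

```python
"""Audit AKS Trusted Access role bindings for unexpected backup-operator grants.

Added example, not code from the BleepingComputer article, O'Leary or Microsoft.
Assumes (unverified) that `az aks trustedaccess rolebinding list` returns a JSON
list of objects with `name`, `roles` and `sourceResourceId` fields.
"""
import json
import re

# Trusted Access role that Azure Backup for AKS binds into a cluster (assumption;
# confirm with `az aks trustedaccess role list --location <region>`).
BACKUP_OPERATOR_ROLE = "Microsoft.DataProtection/backupVaults/backup-operator"

# ARM resource ID layout: /subscriptions/<sub>/resourceGroups/<rg>/providers/<ns>/<type>/<name>
_RESOURCE_ID_RE = re.compile(
    r"^/subscriptions/(?P<sub>[^/]+)/resourceGroups/(?P<rg>[^/]+)/providers/"
    r"(?P<ns>[^/]+)/(?P<rtype>[^/]+)/(?P<name>[^/]+)$",
    re.IGNORECASE,
)


def parse_resource_id(resource_id):
    """Split an ARM resource ID into its components; raise on anything malformed."""
    match = _RESOURCE_ID_RE.match(resource_id)
    if not match:
        raise ValueError(f"unparseable resource id: {resource_id}")
    return match.groupdict()


def audit_trusted_access(bindings, allowed_subscriptions, allowed_vault_rgs):
    """Return findings for backup-operator bindings whose source vault is not on the allow-list."""
    subs = {s.lower() for s in allowed_subscriptions}
    rgs = {r.lower() for r in allowed_vault_rgs}
    findings = []
    for binding in bindings:
        if BACKUP_OPERATOR_ROLE not in binding.get("roles", []):
            continue  # other Trusted Access roles (e.g. ML workloads) are out of scope here
        src = parse_resource_id(binding["sourceResourceId"])
        reasons = []
        if src["sub"].lower() not in subs:
            reasons.append(f"source subscription {src['sub']} is not on the allow-list")
        if src["rg"].lower() not in rgs:
            reasons.append(f"source resource group {src['rg']} is not on the allow-list")
        if (src["ns"].lower(), src["rtype"].lower()) != ("microsoft.dataprotection", "backupvaults"):
            reasons.append(f"source is not a backup vault: {src['ns']}/{src['rtype']}")
        if reasons:
            findings.append({
                "binding": binding["name"],
                "source": binding["sourceResourceId"],
                "reasons": reasons,
            })
    return findings


# Constructed sample in the assumed CLI output shape: one expected vault, one vault
# from an unknown subscription and resource group, and one non-backup binding.
SAMPLE_BINDINGS_JSON = """
[
  {"name": "backup-prod-binding",
   "roles": ["Microsoft.DataProtection/backupVaults/backup-operator"],
   "sourceResourceId": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/rg-backup-prod/providers/Microsoft.DataProtection/backupVaults/bv-prod"},
  {"name": "backup-binding-unknown",
   "roles": ["Microsoft.DataProtection/backupVaults/backup-operator"],
   "sourceResourceId": "/subscriptions/22222222-2222-2222-2222-222222222222/resourceGroups/rg-unknown/providers/Microsoft.DataProtection/backupVaults/bv-unknown"},
  {"name": "ml-binding",
   "roles": ["Microsoft.MachineLearningServices/workspaces/mlworkload"],
   "sourceResourceId": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/rg-ml/providers/Microsoft.MachineLearningServices/workspaces/ws-prod"}
]
"""

ALLOWED_SUBSCRIPTIONS = ["11111111-1111-1111-1111-111111111111"]
ALLOWED_VAULT_RGS = ["rg-backup-prod"]


def run_sample():
    """Audit the constructed sample; returns the list of findings."""
    return audit_trusted_access(json.loads(SAMPLE_BINDINGS_JSON), ALLOWED_SUBSCRIPTIONS, ALLOWED_VAULT_RGS)


if __name__ == "__main__":
    for finding in run_sample():
        print(f"{finding['binding']}: {finding['source']}")
        for reason in finding["reasons"]:
            print(f"  - {reason}")
```

To run it against a live cluster, replace `SAMPLE_BINDINGS_JSON` with the output of `az aks trustedaccess rolebinding list -o json` and populate the allow-lists with the subscriptions and resource groups where your backup vaults legitimately live. Any binding it flags is a vault you did not expect to have backup-operator access into the cluster, which is exactly the relationship the reported attack path created; `az aks trustedaccess rolebinding delete` removes it.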
This incident follows a separate recent controversy in which Microsoft initially dismissed a security report concerning the Microsoft Edge browser. In that case, researcher Tom Jøran Sønstebyseter Rønning demonstrated that Edge loaded cleartext passwords into process memory at startup. Microsoft originally claimed this was "by design," but later reversed its position and announced a defense-in-depth update to prevent the behavior across all supported versions of Edge (BleepingComputer).
The rejection of the Azure Backup for AKS report highlights ongoing tension between independent security researchers and vendors over how vulnerabilities are classified. As Microsoft continues to promote its "Secure Future Initiative," the gap between its public security assessments and the observed remediation of reported flaws remains a point of concern for the security community (BleepingComputer).