Microsoft Azure Arc
3 CVEs affecting Microsoft Azure Arc. Latest disclosed: 2026-02-05. Critical: 0, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-24302 | High | 8.6 | 2026-02-05 | Improper access control in Azure Arc allows an unauthorized attacker to elevate privileges over a network. |
CVE-2022-38007 | High | 7.8 | 2022-09-13 | Azure Guest Configuration and Azure Arc-enabled servers Elevation of Privilege Vulnerability |
CVE-2025-26627 | High | 7.0 | 2025-03-11 | Improper neutralization of special elements used in a command ('command injection') in Azure Arc allows an authorized attacker to elevate privileges locally. |