CVE-2025-47988
published 2025-07-08CVE-2025-47988: Improper control of generation of code ('code injection') in Azure Monitor Agent allows an unauthorized attacker to execute code over an adjacent network.
high7.5CVSS 3.1
AVAACHPRNUINSUCHIHAH
Improper control of generation of code ('code injection') in Azure Monitor Agent allows an unauthorized attacker to execute code over an adjacent network.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | azure_monitor | >= 1.0.0 < 1.35.1 | 1.35.1 |
| microsoft | azure_monitor_agent | < 1.35.1 | 1.35.1 |
| msrc | azure_monitor_agent | — | — |