CVE-2025-55316
published 2025-09-09CVE-2025-55316: External control of file name or path in Azure Arc allows an authorized attacker to elevate privileges locally.
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
External control of file name or path in Azure Arc allows an authorized attacker to elevate privileges locally.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | azure_connected_machine_agent | < 1.56 | 1.56 |
| microsoft | azure_connected_machine_agent | >= 1.0.0 < 1.56 | 1.56 |
| msrc | azure_connected_machine_agent | — | — |