CVE-2025-59285
published 2025-10-14CVE-2025-59285: Deserialization of untrusted data in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.
high7CVSS 3.1
AVLACHPRLUINSUCHIHAH
Deserialization of untrusted data in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | azure_monitor | >= 1.0.0 < 1.36.3 | 1.36.3 |
| microsoft | azure_monitor_agent | < 1.36.3 | 1.36.3 |
| msrc | azure_monitor_agent | — | — |