CVE-2025-59504

CWE-122Heap-based Buffer Overflow4 documents4 sources
Severity
7.3HIGH
EPSS
0.0%
top 85.94%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Microsoft Azure MonitorMicrosoft Azure Monitor Agent
Timeline
PublishedNov 11

Description

Heap-based buffer overflow in Azure Monitor Agent allows an unauthorized attacker to execute code locally.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:HExploitability: 2.5 | Impact: 4.7

Affected Packages2 packages

CVEListV5microsoft/azure_monitor1.0.0v1.37.1

🔴Vulnerability Details

2
GHSA
GHSA-2575-3228-j966: Heap-based buffer overflow in Azure Monitor Agent allows an unauthorized attacker to execute code locally2025-11-11
CVEList
Azure Monitor Agent Remote Code Execution Vulnerability2025-11-11

📋Vendor Advisories

1
Microsoft
Azure Monitor Agent Remote Code Execution Vulnerability2025-11-11
CVE-2025-59504 (HIGH CVSS 7.3) | Heap-based buffer overflow in Azure | cvebase.io