CVE-2026-21224
published 2026-01-13CVE-2026-21224: Stack-based buffer overflow in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally.
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
Stack-based buffer overflow in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | azure_connected_machine_agent | < 1.60 | 1.60 |
| microsoft | azure_connected_machine_agent | >= 1.0.0 < 1.60.03293.2680 | 1.60.03293.2680 |
| msrc | azure_connected_machine_agent | — | — |