Microsoft Azure Arc vulnerabilities
3 known vulnerabilities affecting microsoft/azure_arc.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH2
Vulnerabilities
Page 1 of 1
CVE-2026-24302P2CRITICALCVSS 9.8v-2026-02-05
CVE-2026-24302 [CRITICAL] CWE-284 CVE-2026-24302: Improper access control in Azure Arc allows an unauthorized attacker to elevate privileges over a ne
Improper access control in Azure Arc allows an unauthorized attacker to elevate privileges over a network.
nvd
CVE-2022-38007P3HIGHCVSS 7.8≥ 1.0.0, < 1.222022-09-13
CVE-2022-38007 [HIGH] CVE-2022-38007: Azure Guest Configuration and Azure Arc-enabled servers Elevation of Privilege Vulnerability
Azure Guest Configuration and Azure Arc-enabled servers Elevation of Privilege Vulnerability
nvd
CVE-2025-26627P3HIGHCVSS 7.0fixed in 1.0.10≥ 1.0.0, < 1.0.102025-03-11
CVE-2025-26627 [HIGH] CWE-77 CVE-2025-26627: Improper neutralization of special elements used in a command ('command injection') in Azure Arc all
Improper neutralization of special elements used in a command ('command injection') in Azure Arc allows an authorized attacker to elevate privileges locally.
nvd