azure arc (microsoft) — Vulnerabilities

Signals

Monitoring NVD, CISA KEV, EPSS and the Dragons Community ransomware tracker in near-real timeMonitoring NVD, CISA KEV, EPSS and the Dragons Community ransomware tracker in near-real time

Vendors · microsoft · azure arc

azure arc

· 3 CVEsmicrosoft · 3 known vulnerabilities

Total

Critical

High

Medium

CISA KEV

CVE-2026-24302HIGH 8.6

Feb 5, 2026

Improper access control in Azure Arc allows an unauthorized attacker to elevate privileges over a network.

CVE-2025-26627HIGH 7.0

Mar 11, 2025

Improper neutralization of special elements used in a command ('command injection') in Azure Arc allows an authorized attacker to elevate privileges locally.

CVE-2022-38007HIGH 7.8

Sep 13, 2022

Azure Guest Configuration and Azure Arc-enabled servers Elevation of Privilege Vulnerability

All microsoft products All Vendors CVE Database KEV Catalog