Описание
Azure Monitor Agent Elevation of Privilege Vulnerability
Deserialization of untrusted data in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.
FAQ
According to the CVSS metric, the attack vector is local (AV:L) and the privilege required is none (PR:L). What privileges could an attacker gain with successful exploitation?
A local user could take advantage of this vulnerability and perform elevation of privilege (EOP). By successfully exploiting this vulnerability, the attacker could elevate their privileges to obtain root level access on the virtual machine.
According to the CVSS metric, the attack complexity is high (AC:H). What is does this mean in the context of the elevation of privilege vulnerability?
In order to successfully exploit this vulnerability, the attacker requires write access to the configuration directory by creating malicious files in a directory before the Azure Monitor Agent is installed or before the service starts after system restart.
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
EPSS
7 High
CVSS3
Связанные уязвимости
Deserialization of untrusted data in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.
Deserialization of untrusted data in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.
Уязвимость инструмента сбора данных с виртуальных машин (VM) и физических серверов Azure Monitor Agent, связанная с недостатками механизма десериализации, позволяющая нарушителю повысить свои привилегии
EPSS
7 High
CVSS3