CVE-2026-32168 — Vulnetix

CVE-2026-32168 PUBLISHED CVSS 7.800000190734863 HIGH

Improper input validation in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.

EPSS 0.09% · 24.9th percentile

Risk Scores

CVSS 3.1

7.800000190734863

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

EPSS Score

0.09%

24.9th percentile

Affected Products

Vendor	Product	Versions
Microsoft	Azure Monitor	1.0.0
microsoft	azure_monitor_agent	1.0.0

Exploit Intelligence

https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1 (msrc)
CIRCL seen: CVE-2026-32168 (circl-sighting)
CIRCL seen: CVE-2026-32168 (circl-sighting)
Azure Monitor Agent Elevation of Privilege Vulnerability (circl)

Timeline

Apr 14, 2026 CVE Published
Apr 14, 2026 PoC Published
Apr 14, 2026 PoC Published
Apr 15, 2026 Security Advisory
Apr 15, 2026 Security Advisory
May 5, 2026 Security Advisory
May 18, 2026 EPSS Score
May 19, 2026 EPSS Score
May 20, 2026 EPSS Score
May 21, 2026 EPSS Score
May 22, 2026 EPSS Score
May 23, 2026 EPSS Score

References

Azure Monitor Agent Elevation of Privilege Vulnerability vendor-advisory
https://nvd.nist.gov/vuln/detail/CVE-2026-32168 advisory

Open in Interactive Console →

$ Console Community · 100/wk Open console ›