VDB
CVE-2026-42830
CVE-2026-42830
PUBLISHED
CVSS 6.5 MEDIUM
Untrusted search path in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.
EPSS 0.06% · 18.9th percentile
Risk Scores
CVSS 3.1
6.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N/E:U/RL:O/RC:C
EPSS Score
0.06%
18.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| microsoft | azure_monitor_agent_metrics_extension | 1.0.0, 1.0.0, 1.0.0 |
| Microsoft | Azure Monitor Agent Metrics Extension | 1.0.0, 1.0.0, 1.0.0 |
Timeline
- May 12, 2026 PoC Published
- May 12, 2026 PoC Published
- May 12, 2026 CVE Published
- May 13, 2026 PoC Published
- May 13, 2026 PoC Published
- May 13, 2026 CVE Updated
- May 13, 2026 Security Advisory
- May 13, 2026 Security Advisory
- May 13, 2026 Security Advisory
- May 13, 2026 Security Advisory
- May 13, 2026 Security Advisory
- May 13, 2026 Security Advisory
References
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-40381 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42830 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32204 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33117 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-40370 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33833 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42823 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-42830 advisory