CVE-2026-32192

HIGH

Azure Monitor Agent Elevation of Privilege Vulnerability

Title source: cna
STIX 2.1

Description

Deserialization of untrusted data in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.

References (1)

Scores

CVSS v3 7.8
EPSS 0.0049
EPSS Percentile 65.8%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-502
Status published
Products (1)
Microsoft/Azure Monitor 1.0.0 - 1.41.0
Published Apr 14, 2026
Tracked Since Apr 14, 2026