CVE-2026-26141
EUVD-2026-1070010.03.2026, 18:18
Improper authentication in Azure Arc allows an authorized attacker to elevate privileges locally.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| microsoft | azure_automation_hybrid_worker_windows_extension | 1.0.0 ≤ 𝑥 < 1.3.74 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-287 - Improper AuthenticationWhen an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct.
- CWE-863 - Incorrect AuthorizationThe software performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.