Vulnerability Details CVE-2025-47988
Improper control of generation of code ('code injection') in Azure Monitor Agent allows an unauthorized attacker to execute code over an adjacent network.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 41.9%
CVSS Severity
CVSS v3 Score 7.5
Products affected by CVE-2025-47988
-
cpe:2.3:a:microsoft:azure_monitor_agent:-
-
cpe:2.3:a:microsoft:azure_monitor_agent:1.24.0
-
cpe:2.3:a:microsoft:azure_monitor_agent:1.26.0
-
cpe:2.3:a:microsoft:azure_monitor_agent:1.30.0
-
cpe:2.3:a:microsoft:azure_monitor_agent:1.31.0
-
cpe:2.3:a:microsoft:azure_monitor_agent:1.32.0
-
cpe:2.3:a:microsoft:azure_monitor_agent:1.32.6
-
cpe:2.3:a:microsoft:azure_monitor_agent:1.33.1
-
cpe:2.3:a:microsoft:azure_monitor_agent:1.33.4
-
cpe:2.3:a:microsoft:azure_monitor_agent:1.34.0
-
cpe:2.3:a:microsoft:azure_monitor_agent:1.34.5