Vulnerability Details CVE-2025-49692
Improper access control in Azure Windows Virtual Machine Agent allows an authorized attacker to elevate privileges locally.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 13.7%
CVSS Severity
CVSS v3 Score 7.8
Products affected by CVE-2025-49692
-
cpe:2.3:a:microsoft:azure_connected_machine_agent:-
-
cpe:2.3:a:microsoft:azure_connected_machine_agent:1.34
-
cpe:2.3:a:microsoft:azure_connected_machine_agent:1.35
-
cpe:2.3:a:microsoft:azure_connected_machine_agent:1.36
-
cpe:2.3:a:microsoft:azure_connected_machine_agent:1.37
-
cpe:2.3:a:microsoft:azure_connected_machine_agent:1.38
-
cpe:2.3:a:microsoft:azure_connected_machine_agent:1.39
-
cpe:2.3:a:microsoft:azure_connected_machine_agent:1.40
-
cpe:2.3:a:microsoft:azure_connected_machine_agent:1.41
-
cpe:2.3:a:microsoft:azure_connected_machine_agent:1.42
-
cpe:2.3:a:microsoft:azure_connected_machine_agent:1.43
-
cpe:2.3:a:microsoft:azure_connected_machine_agent:1.44