Improper authentication in Azure Local Disconnected Operations allows an unauthorized attacker to elevate privileges over a network.
The vulnerability classified as CWE-287 (Improper Authentication) involves improper identity verification in the Disconnected Operations mode of the Azure Local platform. A network-accessible attacker can bypass authentication mechanisms and obtain elevated privileges in the target environment. The network vector (AV:N), lack of requirements for attack complexity (AC:L), and no need for any initial privileges (PR:N) make the vulnerability trivial to exploit in a properly exposed network.
An attacker can obtain elevated privileges on the target system without prior authentication, which with full scope of impact on confidentiality, integrity, and availability (C:H/I:H/A:H) may result in complete takeover of resources managed by Azure Local or Azure Resource Manager.
Apply patches available from the vendor in accordance with references published by Microsoft Security Response Center at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42822. Until the patch is deployed, consider restricting network access to Azure Local Disconnected Operations components only to trusted hosts and implement network segmentation.
Microsoft Azure Local (Disconnected Operations mode) and Microsoft Azure Resource Manager — specific versions indicated in vendor references (Microsoft Security Response Center).
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:HMicrosoft Azure Local
APPMicrosoft< 2604.2.25645Microsoft Azure Resource Manager
APPMicrosoftwszystkie wersje
Related vulnerabilities
Obejście uwierzytelniania w Azure Resource Manager umożliwia eskalację uprawnień
Nieprawidłowa kontrola dostępu w Azure Resource Manager — privilege escalation
Improper certificate validation in Azure Local allows an unauthorized attacker to execute code over a network.
Atak na łańcuch dostaw DAEMON Tools Lite — trojanizacja instalatorów
RCE przez deserializację niezaufanych danych w Microsoft SharePoint Server