CRITICAL✓ PATCH🇵🇱 Wersja polska

CVE-2026-47643

CVSS 9.8v3.1pub. 2026-06-09

External control of file name or path in Azure Stack Edge allows an unauthorized attacker to execute code over a network.

🤖 AI Analysis
How it works

The vulnerability classified as CWE-73 (External Control of File Name or Path) allows an attacker to externally control the file name or path used by the application. Through the network, without authentication and without user interaction, it is possible to pass crafted input data pointing to a file or path controlled by the attacker. This leads to code execution on the vulnerable Azure Stack Edge system.

Impact

An unauthenticated attacker can remotely execute arbitrary code on an Azure Stack Edge device, which may result in complete compromise of system confidentiality, integrity, and availability.

Mitigation & patch

Apply patches available from the vendor according to the references: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47643

Who is affected

Microsoft Azure Stack Edge — versions indicated in the vendor's references

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
References