CVE-2024-30060: Azure Monitor Agent Elevation of Privilege Vulnerability

Overview

Severity

High (CVSS 7.8)

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Category

Elevation of Privilege

Exploit Status

Not Exploited

Exploitation Likelihood

Less Likely

Publicly Disclosed

Yes

Patch Tuesday

2024-May

Released

2024-05-16

EPSS Score

1.30% (percentile: 79.8%)

FAQ

What privileges could be gained by an attacker who successfully exploited this vulnerability? An authenticated attacker would be able to delete targeted files on a system which could result in them gaining SYSTEM privileges. What actions do customers need to take to protect themselves from this vulnerability? We released CVE-2024-30060 to help keep customers protected. Customers who have installed the latest updates, or have automatic updates enabled, are already protected. Customers who have disabled Automatic Extension Upgrades or would like to upgrade an extension immediately must manually update their Azure Monitor Agent to the latest version. For more information on how to perform a manual update, see Manage Azure Monitor Agent.

Affected Products (1)

Azure

• Azure Monitor Agent

Security Updates (1)

• Release Notes

Acknowledgments

R4nger &amp; Zhiniang Peng, <a href="https://twitter.com/afang5472">Fangming Gu</a>

Revision History

• 2024-05-16: Information published.