Microsoft Discloses Critical Azure MCP Server and AKS Authentication Flaws
Microsoft disclosed two high-severity vulnerabilities affecting hosted Azure services: CVE-2026-32211 in Azure MCP Server and CVE-2026-33105 in Azure Kubernetes Service (AKS). The Azure MCP Server issue is an information disclosure flaw tied to missing authentication for a critical function (CWE-306), allowing an unauthenticated attacker to access sensitive information over the network. Its CVSS v3.1 vector, AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N, indicates remote exploitation with no privileges or user interaction required.
Microsoft also published CVE-2026-33105, an improper authorization vulnerability in AKS mapped to CWE-285, which could let an unauthenticated attacker elevate privileges remotely. The CVSS v3.1 vector, AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H, reflects potential high impact across confidentiality, integrity, and availability. Both entries were identified as affecting exclusively hosted services and point defenders to Microsoft’s MSRC advisories for service-specific remediation and exposure assessment.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
4 events from the most recent confirmed update back to the earliest known activity.
Microsoft discloses CVE-2026-26135 affecting Azure Custom Locations RP
On 2026-04-03, Microsoft documented CVE-2026-26135 as a server-side request forgery vulnerability in Azure Custom Locations Resource Provider that could allow an authorized attacker to elevate privileges over a network. The issue is classified as CWE-918, carries a high-severity CVSS v3.1 vector, and references an MSRC advisory for an exclusively hosted service.
Microsoft discloses CVE-2026-33107 affecting Azure Databricks
On 2026-04-03, Microsoft documented CVE-2026-33107, a server-side request forgery vulnerability in Azure Databricks that could allow an unauthorized attacker to elevate privileges over a network. The issue is classified as CWE-918, carries a high-severity CVSS v3.1 vector, and references an MSRC advisory for the exclusively hosted service.
Microsoft discloses CVE-2026-33105 affecting Azure Kubernetes Service
On 2026-04-03, Microsoft disclosed CVE-2026-33105 as an improper authorization vulnerability in Microsoft Azure Kubernetes Service that could let an unauthorized attacker elevate privileges remotely. The record maps to CWE-285, carries a high-severity CVSS v3.1 vector, and is tagged as an exclusively hosted service with an MSRC reference.
Microsoft publishes CVE-2026-32211 for Azure MCP Server
Microsoft received and published CVE-2026-32211 on 2026-04-03, describing a missing authentication flaw in Azure MCP Server that could allow an unauthorized attacker to disclose information over a network. The entry maps the issue to CWE-306, includes a high-impact CVSS v3.1 vector, and references an MSRC advisory.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
6 references tracked. Mallory keeps watching after this page renders.
CVE-2026-32211 - Azure MCP Server Information Disclosure Vulnerability
cvefeed.io
Open sourceCVE-2026-33105 - Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability
cvefeed.io
Open sourceCVE-2026-32173 - Azure SRE Agent Information Disclosure Vulnerability
cvefeed.io
Open sourceCVE-2026-26135 - Azure Custom Locations Resource Provider (RP) Elevation of Privilege Vulnerability
cvefeed.io
Open sourceCVE-2026-33107 - Azure Databricks Elevation of Privilege Vulnerability
cvefeed.io
Open sourceCVE-2026-32213 - Azure AI Foundry Elevation of Privilege Vulnerability
cvefeed.io
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
Microsoft Discloses Elevation-of-Privilege Flaws Across Azure Services
Microsoft has published multiple Security Update Guide entries for elevation-of-privilege vulnerabilities affecting cloud services including **Azure Resource Manager**, **Azure Entra ID**, **Azure AI Foundry**, and **Redis Enterprise**. The disclosed issues include `CVE-2026-47280` and `CVE-2026-24304` in Azure Resource Manager, `CVE-2026-24305` and `CVE-2025-55241` in Azure Entra ID, `CVE-2025-59271` in Redis Enterprise, and `CVE-2026-35435` in Azure AI Foundry, indicating a broader set of privilege-boundary weaknesses across Microsoft-managed platforms. Microsoft provided the most detail for **CVE-2026-35435**, describing it as a **critical** improper access control flaw in Azure AI Foundry M365 published agents that could be exploited remotely over the network without privileges or user interaction, with potential for high confidentiality impact. The company said exploitation was considered more likely, but the vulnerability had not been publicly disclosed or exploited at publication time, and the service-side issue was already fully mitigated with **no customer action required**; the remaining CVEs were listed with limited public detail in the update guide.
May 25, 2026
Microsoft Patches Elevation-of-Privilege Flaws in Azure Monitoring and Agent Components
Microsoft disclosed and patched multiple elevation-of-privilege vulnerabilities affecting Azure agent components, including **Azure Monitor Agent**, the **Azure Monitor Agent Metrics Extension**, the **Azure Connected Machine Agent**, and the **Azure Network Watcher VM Extension**. The newly detailed issues include `CVE-2026-32204`, an **Important** flaw in Azure Monitor Agent caused by external control of file name or path (`CWE-73`), and `CVE-2026-42830`, an **Important** untrusted search path vulnerability (`CWE-426`) in the Metrics Extension. Microsoft said both flaws could be exploited locally by low-privileged attackers to gain elevated privileges, with `CVE-2026-32204` potentially enabling file writes and unauthorized code execution as **root**, while `CVE-2026-42830` could lead to privilege escalation and arbitrary code execution through implicit loading behavior tied to OpenSSL configuration handling. The disclosures add to a broader pattern of privilege-escalation fixes across Azure management tooling, following earlier advisories for `CVE-2024-35254` in Azure Monitor Agent, `CVE-2023-35624` in Azure Connected Machine Agent, and `CVE-2025-21188` in the Azure Network Watcher VM Extension. Microsoft assigned a CVSS 3.1 score of **7.8** to `CVE-2026-32204` and **6.5** to `CVE-2026-42830`, said neither issue was publicly disclosed or exploited at the time of publication, and released official fixes. Microsoft credited **Cristhian Parrot of Kroll** for reporting `CVE-2026-42830` through coordinated vulnerability disclosure.
May 25, 2026
Microsoft Discloses Windows Elevation of Privilege Vulnerabilities
Microsoft published security advisories for two **Elevation of Privilege** flaws affecting Windows components: `CVE-2026-23660` in **Windows Admin Center in Azure Portal** and `CVE-2025-62472` in **Windows Remote Access Connection Manager**. Both entries were released through Microsoft's Security Update Guide, identifying separate privilege-escalation issues in enterprise-relevant Windows management and connectivity functionality. The disclosures indicate that attackers who successfully exploit the vulnerabilities could gain higher privileges on affected systems, increasing the risk of broader compromise after initial access. Organizations using Windows administrative tooling in Azure environments and systems relying on Remote Access Connection Manager should review Microsoft's advisories, determine exposure to the affected components, and prioritize applicable security updates and mitigation steps.
May 25, 2026