Microsoft Azure Network Watcher VM Vulnerability - 20240710002¶
Overview¶
Microsoft Security Response Center has published an advisory for the Azure Network Watcher VM Extension Elevation of Privilege Vulnerability.
What is vulnerable?¶
| Product(s) Affected | Version(s) | CVE | CVSS | Severity |
|---|---|---|---|---|
| Azure Network Watcher VM Extension for Windows | Affected from 1.4.3320.1, before 1.4.3320.1 | CVE-2024-35261 | 7.8 | High |
Recommendation¶
The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe of 48 hours... (refer Patch Management):
| Release Date | Product | Articles | Download | Build Number |
|---|---|---|---|---|
| Jul 9, 2024 | Azure Network Watcher VM Extension for Windows | Release notes | Security Update(s) | 1.4.3320.1 |
Additional References¶
- Microsoft Security Response Center: https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2024-35261