The vulnerability resides in a permissive regular expression used by Azure Compute Gallery, which can be exploited by an authorized attacker with local access to elevate privileges within the Microsoft ACI Confidential Containers environment. The flaw is classified under CWE‑625, allowing an attacker to execute privileged actions that were not intended for them. As a result, the attacker could potentially gain higher privileges, execute arbitrary code, or modify resources, compromising confidentiality, integrity, and availability of the container environment.

This issue affects Microsoft ACI Confidential Containers as distributed by Microsoft. No specific product version is provided in the advisory, so any deployment that includes this component remains potentially vulnerable until a patch is applied. System administrators should review the installed version against the Microsoft Security Update Guide linked in the advisory to confirm exposure.

The CVSS base score is 6.7, indicating a medium severity risk, and the EPSS score is below 1 %, suggesting a low probability of exploitation at the time of analysis. The vulnerability is not listed in the CISA KEV catalog, so there is no confirmed active exploitation. Attachment is limited to users who have authorized access to Azure Compute Gallery, so the attack requires local or privileged context; the lack of remote attack vectors reduces overall risk, but the potential impact of privilege escalation warrants timely remediation.