The vulnerability arises from external initialization of trusted variables or data stores within Azure Entra ID, providing an unauthorized attacker the ability to elevate privileges locally on systems running the Azure AD SSH Login extension for Linux. The weakness is classified as CWE-454, which involves improper handling of privileged data. This flaw could allow a local attacker to gain higher level permissions than intended, potentially compromising sensitive system data or performing unauthorized operations. The CVSS score is 8.1, indicating a severe impact on confidentiality, integrity, and availability within the scope of the affected system.

Affected vendors and products include Microsoft Azure AD SSH Login extension for Linux. No specific affected version ranges are supplied in the CNA data, so any installation of the extension that relies on Azure Entra ID for trusted variable initialization is potentially impacted until a vendor‑provided update is applied.

The EPSS score is below 1%, and the vulnerability does not appear in CISA’s KEV catalog. The attack vector is inferred to be local, requiring the attacker to have some level of access to the target machine to exploit the initialization flaw. The high CVSS score indicates that, when exploded, the vulnerability could lead to significant privilege escalation. However, the low EPSS suggests that, in practice, exploitation may be uncommon. The deficiency is a local one; therefore, mitigations that prevent unauthorized local manipulation of the extension’s configuration can reduce risk.