Description
Improper authentication in Azure Local Disconnected Operations allows an unauthorized attacker to elevate privileges over a network.
Published: 2026-05-18
Score: 10 Critical
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Improper authentication in Azure Local Disconnected Operations allows an attacker to obtain elevated privileges, enabling them to perform unauthorized actions over a network. This flaw originates from missing enforcement of authentication checks, allowing access to privileged functions that should be restricted to authenticated users. The consequence is that an attacker who can reach the affected components could gain administrative or higher‑level access, jeopardizing the confidentiality, integrity, and availability of Azure resources.

Affected Systems

Microsoft Azure Local and Microsoft Azure Resource Manager services are affected. The vulnerability is documented as impacting the Azure Local Disconnected Operations functionality in both platforms. Version details are not specified in the advisory; the vendor recommends verifying the latest releases for remediation.

Risk and Exploitability

The CVSS score of 10 indicates maximum severity. No EPSS score is available, so the probability of exploitation is not quantified. The vulnerability is not listed in CISA’s KEV catalog. Based on the description, the likely attack vector is network access to the Azure Local Disconnected Operations service, where an unauthenticated user can interact with the component. If the service is reachable, the missing authentication control could be used to elevate privileges system‑wide, allowing data modification, deletion, or lateral movement.

Generated by OpenCVE AI on May 18, 2026 at 18:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest Azure patch for Azure Local Disconnected Operations and Azure Resource Manager as provided by Microsoft.
  • Restrict network access to Azure Local Disconnected Operations endpoints to trusted IP ranges or employ network segmentation to prevent exposure to untrusted networks.
  • Disable Azure Local Disconnected Operations if it is not needed, or limit the permissions of the service principal and update role assignments to enforce least privilege.



Advisories

No advisories yet.

History

Mon, 18 May 2026 19:15:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Metrics | | ssvc: {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'} |


Mon, 18 May 2026 17:45:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Description | | Improper authentication in Azure Local Disconnected Operations allows an unauthorized attacker to elevate privileges over a network. |
| Title | | Azure Local Disconnected Operations (ALDO) Elevation of Privilege Vulnerability |
| First Time appeared | | Microsoft; Microsoft Azure Local; Microsoft Azure Resource Manager |
| Weaknesses | | CWE-287 |
| CPEs | | cpe:2.3:a:microsoft:azure_local:*:*:*:*:*:*:*:*; cpe:2.3:a:microsoft:azure_resource_manager:*:*:*:*:*:*:*:* |
| Vendors & Products | | Microsoft; Microsoft Azure Local; Microsoft Azure Resource Manager |
| References | | |
| Metrics | | cvssV3_1: {'score': 10, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C'} |


MITRE

Status: PUBLISHED

Assigner: microsoft

Published:

Updated: 2026-05-18T18:10:16.651Z

Reserved: 2026-04-30T14:51:12.702Z

Link: CVE-2026-42822

Vulnrichment

Updated: 2026-05-18T17:40:25.861Z

NVD

Status: Awaiting Analysis

Published: 2026-05-18T18:17:34.500

Modified: 2026-05-18T19:32:38.777

Link: CVE-2026-42822

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-18T18:30:15Z

Weaknesses