What the vulnerability does
01Description
Deserialization of untrusted data in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.
CVE-2026-32192
HIGH
CVE-2026-32192: Azure Monitor Agent Elevation of Privilege Vulnerability
CVSS base score
7.8/10
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Key dates
02Disclosure timeline
April 14, 2026
CVE published
June 1, 2026
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2020-7385 Metasploit Framework 'drb_remote_codeexec' code execution
CVE-2024-10382 Arbitrary Code execution in Car App Android Jetpack Library
CVE-2023-35815
CVE-2025-41700 CODESYS Development System - Deserialization of Untrusted Data
CVE-2024-28861 Gadget chain in Symfony 1 due to uncontrolled unserialized input in sfNamespacedParameterHolder
