CVE-2026-26117, a local privilege escalation flaw in the Azure Arc Connected Machine Agent for Windows, allows any domain user on a managed host to escalate to SYSTEM and inherit the host's Azure managed identity — granting access to all Azure resources the machine identity can reach. Microsoft rated the flaw CVSS 7.8; patch immediately given Arc's growing enterprise footprint.
CVE-2026-26117 in the Azure Arc agent is not just a patching story. It reveals that managed identity has quietly become the most powerful unguarded credential in enterprise infrastructure. We dismantled local admin accounts and hardcoded passwords over the past decade — and then rebuilt the same concentration of privilege under a different name, with even less monitoring attached.
CipherWatch Editorial
Security Intelligence Platform