Microsoft Azure Automation — known CVE vulnerabilities
Every CVE whose affected-product data names Microsoft Azure Automation, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2025-29827 — CVSS 9.9 (critical): Improper authorization in Azure Automation allows an authorized attacker to elevate privileges over a network.
CVE-2021-42306 — CVSS 8.1 (high): An information disclosure vulnerability manifests when a user or an application uploads unprotected private key data as part of an…
CVE-2019-0962 — CVSS 4.9 (medium): An elevation of privilege vulnerability exists in Azure Automation "RunAs account" runbooks for users with contributor role, aka 'Azure…