CVE-2025-59504
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-11-11

Last updated on: 2025-11-17

Assigner: Microsoft Corporation

Description
Heap-based buffer overflow in Azure Monitor Agent allows an unauthorized attacker to execute code locally.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-11-11
Last Modified
2025-11-17
Generated
2026-06-16
AI Q&A
2025-11-11
EPSS Evaluated
2026-06-14
NVD
CVE-2025-59504
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
microsoft azure_monitor_agent to 1.37.1 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-122 A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a heap-based buffer overflow in the Azure Monitor Agent that allows an unauthorized attacker to execute code locally on the affected system. [1]

Impact Analysis

An attacker exploiting this vulnerability can execute code locally on your system without authorization, potentially leading to unauthorized actions, data compromise, or system disruption. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-59504. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart