Platform
windows
Component
azure-agent-for-backup
Fixed in
2.0.9940.0
9.30
CVE-2025-21199 describes an improper privilege management vulnerability within the Azure Agent Installer for Azure Agent for Backup. This flaw allows an authenticated attacker to escalate their privileges locally on the affected system. The vulnerability impacts versions 1.0.0 through 9.30 of the agent, and a fix is available in version 9.30.
Successful exploitation of CVE-2025-21199 allows an attacker who already has some level of access to the system to gain elevated privileges. This could enable them to install malware, modify system configurations, access sensitive data, or compromise other resources on the affected machine. The impact is particularly concerning in environments where the Azure Agent for Backup is used to manage critical data, as an attacker could potentially gain control over the backup infrastructure itself. While the vulnerability requires authentication, the ability to escalate privileges significantly expands the attacker's potential reach and impact.
CVE-2025-21199 was publicly disclosed on March 11, 2025. As of this date, no public proof-of-concept exploits are known. The EPSS score is pending evaluation, and there are no current indications of active exploitation campaigns. This vulnerability is not currently listed on the CISA KEV catalog.
Exploit Status
EPSS
0.19% (41% percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2025-21199 is to upgrade the Azure Agent for Backup to version 9.30 or later. Prior to upgrading, it is recommended to back up the existing configuration to facilitate a rollback if necessary. If an immediate upgrade is not feasible, consider restricting access to the Azure Agent Installer and implementing stricter privilege controls on the affected systems. After upgrading, verify the installation by checking the agent version and confirming that no unauthorized processes are running with elevated privileges using Task Manager or PowerShell.
Actualice el Azure Agent for Backup a la versión 2.0.9940.0 o superior para corregir la vulnerabilidad de elevación de privilegios. Descargue la última versión desde el portal de Azure o el sitio web de Microsoft. Reinicie el sistema después de la actualización para asegurar que los cambios se apliquen correctamente.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2025-21199 is a vulnerability in Azure Agent for Backup allowing an authenticated attacker to elevate privileges locally, rated MEDIUM severity (CVSS 6.7).
You are affected if you are using Azure Agent for Backup versions 1.0.0 through 9.30.
Upgrade to version 9.30 or later to remediate the vulnerability. Back up your configuration before upgrading.
As of March 11, 2025, there are no known active exploitation campaigns or public proof-of-concept exploits.
Refer to the official Microsoft security advisory for CVE-2025-21199 on the Microsoft Security Response Center website.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.