Platform
azure
Component
azure-cloud-shell
Fixed in
2.5.4
CVE-2026-32169 describes a server-side request forgery (SSRF) vulnerability discovered in Azure Cloud Shell. This flaw allows an unauthorized attacker to potentially escalate privileges and gain broader access within a network. The vulnerability impacts versions 1.0.0 and earlier, with a fix available in version 2.5.4.
The SSRF vulnerability in Azure Cloud Shell enables an attacker to craft malicious requests that appear to originate from the Cloud Shell environment. This can be exploited to access internal resources that are normally protected, such as sensitive data stored in cloud storage services or management interfaces. Successful exploitation could lead to unauthorized data exfiltration, privilege escalation, and potentially complete compromise of the Azure environment. The impact is particularly severe because Cloud Shell often provides users with elevated permissions within their cloud accounts, amplifying the potential blast radius of a successful attack.
CVE-2026-32169 was publicly disclosed on 2026-03-19. The CVSS score of 10 (CRITICAL) indicates a high probability of exploitation. While no public proof-of-concept (PoC) code has been released as of this writing, the SSRF nature of the vulnerability makes it relatively easy to exploit, increasing the likelihood of active exploitation campaigns. The vulnerability has been added to the CISA KEV catalog, signifying a significant risk to federal information systems.
Exploit Status
EPSS
0.08% (25% percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2026-32169 is to upgrade Azure Cloud Shell to version 2.5.4 or later, which contains the necessary fix. If immediate upgrade is not feasible, consider implementing network segmentation to restrict Cloud Shell's access to sensitive internal resources. Additionally, configure Azure Cloud Shell to use a dedicated virtual network with restricted outbound access. Monitor Cloud Shell activity for unusual outbound requests that could indicate exploitation attempts. Review and tighten access controls for Cloud Shell users to minimize the potential impact of a compromised account.
Microsoft has released a fix for this vulnerability. Update Azure Cloud Shell to version 2.5.4 or later to mitigate the risk of privilege escalation via SSRF. See the Microsoft update guide for detailed instructions.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2026-32169 is a critical server-side request forgery vulnerability in Azure Cloud Shell affecting versions 1.0.0 and earlier, allowing attackers to potentially escalate privileges over a network.
If you are using Azure Cloud Shell version 1.0.0 or earlier, you are affected by this vulnerability. Upgrade to version 2.5.4 to mitigate the risk.
The recommended fix is to upgrade Azure Cloud Shell to version 2.5.4 or later. Consider network segmentation and access control restrictions as interim measures.
While no public exploits are currently known, the high CVSS score and ease of exploitation suggest a high probability of active exploitation campaigns.
Refer to the official Microsoft Security Update Guide for details: [https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32169]
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.