wid-sec-w-2026-0794
·
Published 2026-03-19
·
View on BSI CERT-Bund ↗
Microsoft Azure DevOps, Data Factory and Cloud Shell: Multiple Vulnerabilities
CVSS 10.0
CRITICAL
Risk Summary
Insufficiently protected credentials in Azure DevOps allows an unauthorized attacker to elevate privileges over a network.
CVEs (3)
Affected Vendors
Microsoft
Affected Products (3)
Microsoft
·
Azure
DevOps
Microsoft
·
Azure
Data Factory
Microsoft
·
Azure
Cloud Shell
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more