CVE-2026-21522 – Microsoft ACI Confidential Containers Elevation of Privilege Vulnerability

CVE-2026-21522 is a critical elevation of privilege vulnerability affecting Microsoft Azure Container Instances (ACI) Confidential Containers. The vulnerability is caused by improper neutralization of special elements in command handling, allowing an authorized attacker with high privileges to inject and execute arbitrary commands locally. Successful exploitation enables attackers to elevate privileges within the container environment and potentially access protected secrets and sensitive workloads.

CVSS Score: 6.7 SEVERITY: Critical THREAT: Elevation of Privilege

EXPLOITS: No public exploitation has been observed in the wild at the time of release. However, proof-of-concept exploit code exists, confirming the vulnerability is practically exploitable under the right conditions.

TECHNICAL SUMMARY: The vulnerability originates from insufficient input sanitization in command execution logic within Azure Compute Gallery components supporting ACI Confidential Containers. Special characters or crafted command input are not properly neutralized, enabling command injection. An attacker with authorized, high-privilege access can exploit this flaw to execute arbitrary commands within the container’s runtime context. In confidential container deployments, this undermines isolation guarantees and may expose secrets or trusted execution boundaries.

EXPLOITABILITY: This issue affects Azure environments running ACI Confidential Containers. Exploitation is local, requires high privileges, and does not require user interaction. Once exploited, attackers can run commands with the same privileges as the affected container, effectively elevating control within that environment.

BUSINESS IMPACT: Privilege escalation within confidential containers presents a serious risk to organizations relying on Azure for sensitive or regulated workloads. Attackers could access protected secrets, manipulate workloads, disrupt availability, or compromise trust assumptions tied to confidential computing. This could result in data exposure, operational disruption, and loss of confidence in cloud security controls.

WORKAROUND: If the patch cannot be applied immediately, organizations should strictly limit administrative access to ACI environments, review role assignments, and monitor container activity for unexpected command execution. Reducing the number of users with elevated privileges can significantly lower exposure.

URGENCY: This vulnerability warrants rapid remediation due to its critical severity, confirmed proof-of-concept exploitability, and its impact on confidential computing environments where trust and isolation are essential.