CVE-2026-23655 – Microsoft ACI Confidential Containers Information Disclosure Vulnerability

CVSS 6.5 MODERATE

“A single misstep in how secrets are stored can expose keys that unlock entire cloud environments.”

CVE-2026-23655 is a critical information disclosure vulnerability affecting Microsoft Azure Container Instances (ACI) Confidential Containers. The issue stems from cleartext storage of sensitive data, which may allow an authorized attacker to access secret tokens and cryptographic keys over the network. While no active exploitation has been observed, the nature of the exposed data makes this vulnerability highly sensitive in cloud and enterprise environments.

CVSS Score: 6.5
SEVERITY: Critical
THREAT: Information Disclosure

EXPLOITS: There are no publicly disclosed exploits or known in-the-wild attacks at the time of release. Microsoft assessed exploitation as less likely, and no proof-of-concept code has been published.

TECHNICAL SUMMARY: The vulnerability is caused by improper handling of sensitive information within Azure Compute infrastructure supporting ACI Confidential Containers. Certain secrets, including tokens and keys, may be stored in cleartext rather than being securely protected at rest. An attacker with low privileges and authorized access could retrieve this data over the network, leading to unintended disclosure of confidential information.
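The same weakness class described above (CWE-312, cleartext storage of sensitive information) can also enter a tenant's own container group definitions, for instance a credential passed as a plain environment variable. The following is an added example, not code from Microsoft or from this advisory: a Python audit that walks an ACI container group definition and flags secret-looking environment variables stored as a cleartext "value" instead of a "secureValue", plus registry passwords written as literals. The container group JSON shape, the name heuristics and the sample definition are assumptions constructed for the example.

```python
"""Audit an ACI container group definition for cleartext secrets (CWE-312).

Added example, not Microsoft's code. Assumptions: the ACI container group
shape where each environment variable carries either a cleartext "value" or
a "secureValue", and where image registry credentials carry a "password".
The name heuristics and the sample definition below are constructed.
"""
import re

# Variable names that usually carry credentials (constructed heuristic).
SECRET_NAME_PATTERN = re.compile(
    r"(secret|token|password|passwd|pwd|api[_-]?key|access[_-]?key|"
    r"private[_-]?key|connection[_-]?string|sas)",
    re.IGNORECASE,
)

# Values that look like credentials even under a harmless-looking name.
SECRET_VALUE_PATTERN = re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----|^(?:sk-|ghp_|AKIA)")


def looks_like_secret(name, value):
    """True if the variable name or its value suggests credential material."""
    if SECRET_NAME_PATTERN.search(name):
        return True
    return isinstance(value, str) and SECRET_VALUE_PATTERN.search(value) is not None


def audit_container_group(group):
    """Return a list of findings for secrets stored in cleartext in the definition.

    Each finding names the container (or registry server), the offending field
    and the reason. Environment variables that use secureValue are not flagged.
    """
    findings = []
    props = group.get("properties", {})
    for container in props.get("containers", []):
        cname = container.get("name", "<unnamed>")
        for env in container.get("properties", {}).get("environmentVariables", []):
            name = env.get("name", "")
            if "secureValue" in env:
                continue  # stored as a secure value, not cleartext in the definition
            value = env.get("value")
            if value is not None and looks_like_secret(name, value):
                findings.append({
                    "container": cname,
                    "variable": name,
                    "reason": "secret-looking variable stored as cleartext 'value'",
                })
    for cred in props.get("imageRegistryCredentials", []):
        password = cred.get("password")
        # In an ARM template a secure reference looks like "[parameters('x')]";
        # any other literal string is a cleartext password in the stored definition.
        if isinstance(password, str) and not password.startswith("["):
            findings.append({
                "container": cred.get("server", "<registry>"),
                "variable": "imageRegistryCredentials.password",
                "reason": "registry password stored as a cleartext literal",
            })
    return findings


# Constructed sample definition: one secret leaks through a plain "value",
# one registry password is a literal, and API_TOKEN is correctly secured.
SAMPLE_GROUP = {
    "name": "example-confidential-group",
    "properties": {
        "containers": [{
            "name": "app",
            "properties": {
                "image": "example.azurecr.io/app:1.0",
                "environmentVariables": [
                    {"name": "LOG_LEVEL", "value": "info"},
                    {"name": "DB_PASSWORD", "value": "hunter2"},
                    {"name": "API_TOKEN", "secureValue": "<redacted-placeholder>"},
                ],
            },
        }],
        "imageRegistryCredentials": [{
            "server": "example.azurecr.io",
            "username": "pull-user",
            "password": "plaintext-pull-password",
        }],
    },
}

if __name__ == "__main__":
    for finding in audit_container_group(SAMPLE_GROUP):
        print(f"{finding['container']}: {finding['variable']} - {finding['reason']}")
```

Run it against exported container group definitions or ARM templates before deployment; the two findings it raises on the constructed sample (DB_PASSWORD and the registry password) are exactly the fields that should move to secureValue or a parameter reference.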

EXPLOITABILITY: This issue affects Azure environments using ACI Confidential Containers. Exploitation requires low privileges but no user interaction. An attacker who already has authorized access could leverage the weakness remotely to obtain sensitive secrets.

BUSINESS IMPACT: Exposure of secret tokens and cryptographic keys can have serious consequences for organizations running sensitive workloads in Azure. Compromised secrets may enable lateral movement, unauthorized access to cloud resources, data exposure, or service abuse. In regulated or high-trust environments, this could lead to compliance violations, reputational damage, and loss of customer confidence.

WORKAROUND: If immediate patching is not possible, organizations should minimize access to affected container environments, rotate secrets frequently, and review access permissions to ensure only strictly necessary roles are assigned. Monitoring for unusual access to container metadata or secret stores can help reduce risk.
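The monitoring step in the workaround above is easier to act on with a concrete rule. The following is an added example, not Microsoft's or Azure's own tooling: a Python detector run over constructed secret-store audit records that flags reads by principals outside an expected-reader list, reads from addresses outside expected networks, and bursts of reads of one secret by one caller. The record field names, the expected-reader policy and the sample events are assumptions made for the example; a real deployment would feed it the secret store's diagnostic logs and a policy derived from the access review the workaround recommends.

```python
"""Flag unusual reads of a secret store from audit log records.

Added example, not Microsoft's or Azure's own tooling. The record shape
(time, operationName, identity, secret, callerIp) is a constructed
simplification of a Key Vault style audit event; the field names, the
expected-reader policy and the sample events are all assumptions.
"""
from collections import defaultdict
from datetime import datetime, timedelta
import ipaddress

# Who is expected to read which secret, and from which networks (constructed).
EXPECTED_READERS = {
    "db-password": {"aci-app-identity"},
    "signing-key": {"aci-app-identity", "key-rotation-job"},
}
EXPECTED_NETWORKS = [ipaddress.ip_network("10.0.0.0/8")]
BURST_THRESHOLD = 5                  # this many reads of one secret by one caller...
BURST_WINDOW = timedelta(minutes=1)  # ...inside this window counts as a burst


def detect_unusual_access(events):
    """Return alerts for secret reads by unexpected callers, from unexpected
    networks, or in bursts. Only SecretGet operations are considered."""
    alerts = []
    reads_by_pair = defaultdict(list)
    for e in events:
        if e["operationName"] != "SecretGet":
            continue
        reasons = []
        if e["identity"] not in EXPECTED_READERS.get(e["secret"], set()):
            reasons.append("principal is not an expected reader of this secret")
        ip = ipaddress.ip_address(e["callerIp"])
        if not any(ip in net for net in EXPECTED_NETWORKS):
            reasons.append("caller address outside expected networks")
        if reasons:
            alerts.append({"time": e["time"], "principal": e["identity"],
                           "secret": e["secret"], "reasons": reasons})
        reads_by_pair[(e["identity"], e["secret"])].append(datetime.fromisoformat(e["time"]))

    # Sliding window over each caller/secret pair to catch bulk secret pulls.
    for (principal, secret), times in reads_by_pair.items():
        times.sort()
        start = 0
        for end in range(len(times)):
            while times[end] - times[start] > BURST_WINDOW:
                start += 1
            count = end - start + 1
            if count >= BURST_THRESHOLD:
                alerts.append({"time": times[end].isoformat(), "principal": principal,
                               "secret": secret,
                               "reasons": [f"{count} reads within {BURST_WINDOW}"]})
                break  # one burst alert per pair is enough
    return alerts


def _event(time, identity, secret, ip, op="SecretGet"):
    """Build one constructed audit record in the assumed shape."""
    return {"time": time, "operationName": op, "identity": identity,
            "secret": secret, "callerIp": ip}


# Constructed sample log: one normal read, one read by an unexpected caller from
# outside the network, a burst of six reads by the app identity, one rotation-job
# read, and a list operation that the detector ignores.
SAMPLE_EVENTS = [
    _event("2026-01-14T09:00:00", "aci-app-identity", "db-password", "10.0.1.4"),
    _event("2026-01-14T09:00:05", "contractor-user", "signing-key", "203.0.113.7"),
] + [
    _event(f"2026-01-14T09:01:{s:02d}", "aci-app-identity", "signing-key", "10.0.1.4")
    for s in range(0, 30, 5)
] + [
    _event("2026-01-14T09:05:00", "key-rotation-job", "signing-key", "10.0.2.9"),
    _event("2026-01-14T09:06:00", "contractor-user", "signing-key", "203.0.113.7", op="SecretList"),
]

if __name__ == "__main__":
    for alert in detect_unusual_access(SAMPLE_EVENTS):
        print(alert["time"], alert["principal"], alert["secret"], "; ".join(alert["reasons"]))
```

The expected-reader map is the important design choice: it turns the access review from the workaround into data the detector can enforce, so any principal that was granted a role it does not strictly need shows up the first time it touches a secret, and the burst window catches a legitimate identity being used to pull many secrets at once.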

URGENCY: This vulnerability should be addressed promptly due to its critical severity and the high sensitivity of the data at risk. Even without active exploitation, exposure of secrets in cloud environments presents a high-impact risk that can rapidly escalate if abused.

Key Details

Affected Product: Microsoft Confidential Sidecar Containers
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
CWE Classification: CWE-312