CVE-2026-33105: AKS Critical Privilege Escalation Hits CVSS 10.0

Microsoft published CVE-2026-33105 on April 3, and the headline numbers are alarming: CVSS 10.0, the maximum possible score, for a privilege escalation vulnerability in Azure Kubernetes Service.

Here’s what is confirmed from the official advisory:

  • Category: Improper authorization (CWE-285)
  • Attack vector: Network — no local access required
  • Privileges required: None
  • User interaction: None required
  • Scope: Changed — meaning a successful exploit can affect resources beyond the initially targeted component
  • Impact: High across confidentiality, integrity, and availability

That combination — remote, unauthenticated, scope-changing, full-impact — justifies the maximum CVSS score. An attacker exploiting this could potentially escalate to broad cluster control.

What we don’t know yet

The specific vulnerable component within AKS has not been publicly identified. No affected version range has been confirmed, and patch availability hasn’t been officially detailed as of this writing. The EPSS score sits around 0.05%, meaning active exploitation in the near term is considered unlikely despite the severity rating. Microsoft has not reported in-the-wild exploitation.

This is a high-severity, low-clarity vulnerability. The details Microsoft has published are intentionally sparse at this stage, which is common practice to limit exploitation before the patch window closes. Treat any article — including this one — with appropriate skepticism if it describes specific attack paths or internal AKS components. No such detail has been publicly disclosed.

What you can do now

The uncertainty doesn’t mean inaction. Managed control plane vulnerabilities like this are exactly the scenario where your existing hygiene determines blast radius. Three things worth checking regardless of patch status:

  1. Cluster role bindings you didn’t create. If you can’t explain why a binding exists, investigate it.
  2. Service accounts with more permissions than they need. The principle of least privilege matters most when authorization controls are the attack surface.
  3. API server audit logs. If you’re not shipping these somewhere queryable, you would have no way to tell whether someone had exploited this before a patch landed.
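As an added illustration of the first two checks (this is example code, not from the advisory or from Microsoft), the script below triages the output of `kubectl get clusterrolebindings -o json`: it skips the bindings Kubernetes ships by default and flags the rest that grant a powerful role, hand it to a ServiceAccount, or bind it to a catch-all group. The embedded sample is constructed, and the role and subject lists are assumptions to tune for your environment.

```python
"""Triage ClusterRoleBindings for ones a human must be able to explain.
Input: the dict produced by `kubectl get clusterrolebindings -o json`.
The SAMPLE below is constructed for illustration, not captured from a cluster."""
import json

BOOTSTRAP_LABEL = "kubernetes.io/bootstrapping"      # present on Kubernetes' own default bindings
POWERFUL_ROLES = {"cluster-admin", "admin", "edit"}   # assumed list: roles that need a named owner
RISKY_SUBJECTS = {"system:unauthenticated", "system:anonymous", "system:authenticated"}


def audit_bindings(crb_list):
    """Return one finding per non-default binding that needs an explanation."""
    findings = []
    for crb in crb_list.get("items", []):
        meta = crb.get("metadata", {})
        name = meta.get("name", "<unnamed>")
        role = crb.get("roleRef", {}).get("name", "")
        if BOOTSTRAP_LABEL in meta.get("labels", {}):
            continue  # shipped with Kubernetes; the API server recreates these on startup
        reasons = []
        if role in POWERFUL_ROLES:
            reasons.append(f"grants {role} outside the default bindings")
        for subj in crb.get("subjects", []) or []:
            kind, sname = subj.get("kind"), subj.get("name", "")
            if kind == "ServiceAccount" and role in POWERFUL_ROLES:
                reasons.append(f"ServiceAccount {subj.get('namespace', '?')}/{sname} holds {role}")
            if sname in RISKY_SUBJECTS:
                reasons.append(f"bound to {sname}, which includes callers you do not control")
        if reasons:
            findings.append({"binding": name, "role": role, "reasons": reasons})
    return findings


# Constructed sample: one default binding, one over-privileged CI service account,
# one role handed to every authenticated caller, and one ordinary team binding.
SAMPLE = json.loads("""
{"items": [
 {"metadata": {"name": "cluster-admin", "labels": {"kubernetes.io/bootstrapping": "rbac-defaults"}},
  "roleRef": {"kind": "ClusterRole", "name": "cluster-admin"},
  "subjects": [{"kind": "Group", "name": "system:masters"}]},
 {"metadata": {"name": "ci-runner-admin"},
  "roleRef": {"kind": "ClusterRole", "name": "cluster-admin"},
  "subjects": [{"kind": "ServiceAccount", "name": "runner", "namespace": "ci"}]},
 {"metadata": {"name": "metrics-reader"},
  "roleRef": {"kind": "ClusterRole", "name": "view"},
  "subjects": [{"kind": "Group", "name": "system:authenticated"}]},
 {"metadata": {"name": "team-viewers"},
  "roleRef": {"kind": "ClusterRole", "name": "view"},
  "subjects": [{"kind": "Group", "name": "platform-team"}]}
]}""")

if __name__ == "__main__":
    for finding in audit_bindings(SAMPLE):
        print(finding["binding"], "->", "; ".join(finding["reasons"]))
```

Against a live cluster, replace SAMPLE with `json.load(sys.stdin)` and pipe in `kubectl get clusterrolebindings -o json`; the same logic applies to namespaced RoleBindings if you drop the bootstrap check.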

Monitor the Microsoft Security Response Center for updated guidance on affected versions and patch availability. When details are confirmed, the priority level for this one is clear.