#Azure Connected Machine Agent

**What privileges could be gained by an attacker who successfully exploited the vulnerability?** An attacker who successfully exploited this vulnerability could create or delete files in the security context of the NT AUTHORITY\\ SYSTEM account.

**What privileges could be gained by an attacker who successfully exploited this vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

**According to the CVSS metric, user interaction is required (UI:R) and privileges required is Low (PR:L). What does that mean for this vulnerability?** A non-admin local user who has sufficient permissions to create symbolic links on a Windows computer that has Azure Connected Machine Agent installed (or before the agent is installed) could create links from a directory used by the agent to other privileged files on the computer. If the administrator later installs virtual machine extensions on the machine, those files could be deleted.

**According to the CVSS metric, user interaction is required (UI:R) and privileges required is Low (PR:L). What does that mean for this vulnerability?** A non-admin local user who has sufficient permissions to create symbolic links on a Windows computer that has Azure Connected Machine Agent installed (or before the agent is installed) could create links from a directory used by the agent to other privileged files on the computer. If the administrator later installs virtual machine extensions on the machine, those files could be deleted.