Virtual Machine in Scale Set (Azure)
An individual virtual machine instance within an Azure Virtual Machine Scale Set, a production compute resource that runs application workloads and may carry an attached managed identity.
Production compute supporting a single organizational function; instances can hold managed identities and host application data on attached disks.
Microsoft.Compute/virtualMachineScaleSets/virtualMachines/runCommand/action
Executes attacker-controlled scripts inside the instance (typically root/SYSTEM) in its identity context, enabling lateral movement via the VM's managed identity, on-host data exfiltration, system/data tampering, and compute hijacking.
Risks
Scope: HIGH
This privilege may grant access to sensitive data from a single organizational function, or allow interruption of a service supporting a single organizational function.
Contributed by P0 Security