CVE-2026-21522 is a command injection vulnerability classified under CWE-77 affecting Microsoft ACI Confidential Containers, a product integrated with Azure Compute Gallery. The vulnerability arises from improper neutralization of special elements in commands, allowing an attacker with authorized local access and high privileges to execute arbitrary commands on the host system. This can lead to privilege escalation, compromising confidentiality, integrity, and availability of the affected system. The vulnerability affects version 1.0.0 of the product and was published on February 10, 2026. The CVSS 3.1 base score of 6.7 indicates a medium severity, with attack vector being local, low attack complexity, and requiring high privileges but no user interaction. The scope is unchanged, meaning the impact is confined to the vulnerable component. No public exploits are known at this time, but the potential for privilege escalation makes it a significant risk in environments relying on ACI Confidential Containers for secure containerized workloads. The lack of a patch link suggests that a fix may be forthcoming or under development. This vulnerability highlights the importance of proper input validation and command sanitization in container orchestration and confidential computing environments.

The vulnerability allows an attacker with existing high privileges on a system running Microsoft ACI Confidential Containers to escalate privileges further by injecting arbitrary commands. This can lead to full system compromise, unauthorized data access, modification, or destruction, and disruption of containerized workloads. Organizations relying on confidential containers for sensitive or regulated workloads risk exposure of confidential data and potential operational downtime. Since the attack requires local privileged access, the threat is primarily to insiders or attackers who have already breached perimeter defenses. However, successful exploitation could facilitate lateral movement and deeper compromise within an organization's infrastructure. The impact extends to cloud service providers and enterprises using Azure Compute Gallery and confidential container technology, potentially affecting cloud security and trust.

1. Monitor for updates from Microsoft and apply patches promptly once available to address CVE-2026-21522. 2. Implement strict input validation and sanitization on all commands and parameters processed by ACI Confidential Containers to prevent injection of special characters or malicious payloads. 3. Limit the number of users with high privileges on systems running ACI Confidential Containers to reduce the attack surface. 4. Employ robust access controls and auditing to detect and prevent unauthorized local access. 5. Use container security best practices such as running containers with least privilege, isolating workloads, and monitoring container behavior for anomalies. 6. Consider network segmentation to limit lateral movement if a container host is compromised. 7. Conduct regular security assessments and penetration testing focused on container environments to identify similar injection flaws. 8. Educate administrators and developers on secure coding and configuration practices related to command execution within container platforms.