Product
Attackers with access to an Azure subscription or VM management plane can leverage the Azure VM CustomScript extension to execute arbitrary code with SYSTEM privileges on Windows virtual machines, leading to various malicious activities such as reconnaissance, malware deployment, and persistence.