The Cyber Security News

New Microsoft Azure Vulnerability Uncovered — Experts Warn of RCE Attacks

January 19, 2023


A newly discovered critical remote code execution (RCE) flaw affecting multiple services related to Microsoft Azure could be exploited by a malicious actor to take complete control of a targeted application.

“The vulnerability is achieved by way of CSRF (cross-site request forgery) on the ubiquitous SCM service Kudu,” Ermetic researcher Liv Matan said in a report shared with The Hacker News. “By abusing the vulnerability, attackers can deploy malicious ZIP files containing a payload to the victim’s Azure application.”


The Israeli cloud infrastructure security firm, which dubbed the shortcoming EmojiDeploy, said it could further enable the theft of sensitive data and lateral movement to other Azure services.

Microsoft has since fixed the vulnerability as of December 6, 2022, following responsible disclosure on October 26, 2022, in addition to awarding a bug bounty of $30,000.

The Windows maker describes Kudu as the “engine behind a number of features in Azure App Service related to source control based deployment, and other deployment methods like Dropbox and OneDrive sync.”

In a hypothetical attack chain devised by Ermetic, an adversary could exploit the CSRF vulnerability in the Kudu SCM panel to defeat safeguards put in place to thwart cross-origin attacks by issuing a specially crafted request to the “/api/zipdeploy” endpoint to deliver a malicious archive (e.g., web shell) and gain remote access.

The ZIP file, for its part, is encoded in the body of the HTTP request, prompting the victim application to navigate to an actor-controlled domain hosting the malware through the server’s same-origin policy bypass.

Cross-site request forgery, also known as sea surf or session riding, is an attack vector whereby a threat actor tricks an authenticated user of a web application into executing unauthorized commands on their behalf.
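As an added illustration (not code from Ermetic's report or from Microsoft's fix), the following Python example shows a defensive check for the request pattern described above: state-changing calls to `/api/zipdeploy` whose `Origin` header is not an exact match for the site's own origin. The host names, the record layout and the treatment of a missing `Origin` header as a non-browser client are assumptions, and the sample records are constructed.

```python
from urllib.parse import urlsplit

DEPLOY_PATHS = {"/api/zipdeploy"}  # endpoint named in the article
STATE_CHANGING = {"POST", "PUT", "PATCH", "DELETE"}

def canonical_origin(value):
    """Normalize an Origin value to https://host[:port]; None if it is not a plain origin."""
    # Strict parsing: printable ASCII only, no whitespace or control characters.
    if not value or any(not 33 <= ord(c) <= 126 for c in value):
        return None
    try:
        parts = urlsplit(value)
        port = parts.port
    except ValueError:  # malformed port or brackets
        return None
    if parts.scheme != "https" or not parts.hostname or "@" in parts.netloc:
        return None
    if parts.path or parts.query or parts.fragment:
        return None
    host = parts.hostname.lower()
    return f"https://{host}" if port in (None, 443) else f"https://{host}:{port}"

def is_same_origin(host_header, origin_header):
    """Exact match between the site's own origin and the Origin header (no prefix or substring tests)."""
    expected = canonical_origin(f"https://{host_header}")
    return expected is not None and canonical_origin(origin_header) == expected

def flag_cross_origin_deploys(records):
    """Return state-changing deployment requests that a browser sent from another origin."""
    flagged = []
    for r in records:
        path = r["path"].split("?", 1)[0].rstrip("/").lower()
        if r["method"].upper() not in STATE_CHANGING or path not in DEPLOY_PATHS:
            continue
        origin = r.get("origin")
        # Assumption: a request without Origin comes from a non-browser client (CLI, CI job).
        if origin is not None and not is_same_origin(r["host"], origin):
            flagged.append(r)
    return flagged

SCM = "example-app.scm.azurewebsites.net"  # constructed host name
SAMPLE_RECORDS = [  # constructed records, not real traffic
    {"id": 1, "method": "POST", "host": SCM, "path": "/api/zipdeploy", "origin": None},
    {"id": 2, "method": "POST", "host": SCM, "path": "/api/zipdeploy", "origin": f"https://{SCM}"},
    {"id": 3, "method": "POST", "host": SCM, "path": "/api/zipdeploy", "origin": "https://other-site.example"},
    {"id": 4, "method": "POST", "host": SCM, "path": "/api/zipdeploy/", "origin": f"https://{SCM}.other-site.example"},
    {"id": 5, "method": "POST", "host": SCM, "path": "/api/zipdeploy?isAsync=true", "origin": "null"},
    {"id": 6, "method": "GET", "host": SCM, "path": "/api/zipdeploy", "origin": "https://other-site.example"},
]
```

Records 3, 4 and 5 are flagged; record 4 is the case an exact comparison catches and a prefix or substring comparison would miss.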

“The impact of the vulnerability on the business as a whole is dependent on the permissions of the application's managed identity,” the company said. “Effectively applying the principle of least privilege can significantly limit the blast radius.”

The findings come days after Orca Security disclosed four instances of server-side request forgery (SSRF) attacks impacting Azure API Management, Azure Functions, Azure Machine Learning, and Azure Digital Twins.



Some parts of this article are sourced from:
thehackernews.com
