Microsoft says it found a vulnerability in the Azure Automation service in December. The company says it issued a fix when the flaw was disclosed by cyber firm Orca Security, and that so far it has not seen the vulnerability exploited in the wild.
The company says that without the fix, the vulnerability would have given threat actors the ability to cross tenants in Azure. This could provide a way to gain access to resources from a range of customers.
“You could very easily have gotten a lot of access to a lot of customers,” points out Yoav Alon, CTO at cloud security firm Orca Security.
It is worth noting that just because no exploit has been found does not mean one cannot happen. If a system has not been updated, it will remain at risk from the vulnerability. Orca calls the flaw “AutoWarp,” and it was found on Dec 6, 2021. The company sent a report to Microsoft the same day and a fix was sent out on December 10.
Fixed and no Exploits
Microsoft and Orca point out that the AutoWarp flaw means Managed Identity tokens may have been exposed to other tenants. These are the keys that allow access to different areas of Azure. Microsoft says it has “not detected evidence of misuse of tokens.”
Azure Automation is a service that allows users to automate code.
“You could get into it in minutes, and just upload your code and use it immediately,” Alon said. “So I think if someone wanted to automate anything on the cloud, they would use the Azure Automation service.”