Four zero-day vulnerabilities in a open source software integrated with a lot of data Azure services can be exploited for elevation of privilege and remote code execution attacks, report cybersecurity researchers.
The vulnerabilities of the software agent named Open Management Infrastructure (OMI) were discovered by researchers of Wiz , who estimate that they affect thousands of cAzure customers, across millions of endpoints.
The OMI agent is automatically deployed in Linux ( VM ) when users activate certain Azure services, the researchers point out. TechRadar needs you!
We're taking a look at how our readers are using VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and we would be very grateful if you could share your experiences with us.
>> Click here to start the survey in a new window <<
" One of the biggest challenges in preventing [cyberattacks] is that our digital supply chain is not transparent. If you don't know what's hidden in the services and products you use every day, how can you manage the risk? ”argue the researchers.
Software supply chain blind spot
The vulnerabilities affect Azure clients on Linux machines, which some estimates , make up a significant number of all Azure instances.
These users put their virtual machines at risk when they use certain Azure services such as Azure Automation, Azure Automatic Update, Azure Log Analytics, Azure Configuration Management, and others.
In fact, Wiz researchers note that analysis of a small sample of Azure tenants found that over 65% were at risk for vulnerabilities, named "OMIGOD ", which was the first reaction of the researchers when they discovered them.
"In addition to the keysBesides the Azure cloud, other Microsoft customers are affected because OMI can be installed independently on any Linux machine and is frequently used on-premises, ”the researchers add.
The good news is that Microsoft has provided fixes for the issues under the September Patch Tuesday , and Wiz urges all Azure users to make sure they are running patched versions of IMO.