Azure 'AutoWarp' bug allowed unauthorised account access

By on
Azure 'AutoWarp' bug allowed unauthorised account access

Put large enterprises at risk of full compromise.

A critical vulnerability in Microsoft's Azure Automation Service left other cloud tenants open to attacks that could assume full control of their data and resources, security researchers found.

Security vendor Orca Security, which named the vulnerability AutoWarp, said the flaw put large companies in the telecommunications, car manufacturing, banking and acccounting sectors at risk.

The vulnerability lay within the Azure Automation Service, which allows cloud customers to run scheduled jobs with input and output provided inside of a sandbox that would isolate them from other customers code executing on the same virtual machine.

Orca Security discovered a way to interact with the internal Azure server that manages sandboxes for other customers, allowing researchers to capture managed identity access tokens.

With the tokens in hand, it would have been possible to attack and compromise other Azure customers.

A simple script that made hyper-text transfer protocol requests to transmission control protocol ports numbered above 40,000 allowed Orca to capture the access tokens.

The bug was reported to Microsoft by Orca, and fixed early December last year with customers being notified.

Microsoft fixed the vulnerability by requiring an X-IDENTITY-HEADER field for the abovementioned HTTP requests, that contains a secret value set in customers' environment variables.

At this stage, Microsoft said it has not detected any misuse of managed identities for Azure.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © . All rights reserved.

Most Read Articles

Log In

  |  Forgot your password?