Microsoft has addressed a vulnerability in the Azure Automation service, dubbed as ‘AutoWarp’, that could have allowed attackers to take complete control over other Azure customers' data. The vulnerability allows an attacker to steal other Azure customers' Managed Identities authentication tokens from an internal server that manages the sandboxes of other users.
Microsoft fixed the security flaw by blocking access to auth tokens to all sandboxes except the one that had legitimate access. The company notified all affected Azure Automation service customers and recommended following the security best practices.
Azure Automation accounts impacted by this vulnerability include those with the Managed Identity feature enabled. The company publicly disclosed the vulnerability, saying that it found no evidence that Managed Identities tokens were misused, or AutoWarp exploited in attacks.
Orca Security's Cloud Security Researcher, who discovered the bug, said, “Someone with malicious intentions could've continuously grabbed tokens, and with each token, widen the attack to more Azure customers. This attack could mean full control over resources and data belonging to the targeted account, depending on the permissions assigned by the customer. We discovered large companies at risk (including a global telecommunications company, two car manufacturers, a banking conglomerate, big four accounting firms, and more).”
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
