• Home
  • cyber
  • Azure - Microsoft's Cloud Computing Platform
cyber Vulnerability

Azure - Microsoft's Cloud Computing Platform

Mar 11, 2022 1 min read
Azure - Microsoft's Cloud Computing Platform

A recently discovered vulnerability in Microsoft's Azure Automation service could permit unauthorized access to Azure customer accounts.

The exploitation of the vulnerability could give the attacker full control over resources and data belonging to the targeted account.

This vulnerability was recently used to attack several firms including a telecommunications company, two car manufacturers, a banking conglomerate, and big four accounting firms.

Source: https://thehackernews.com/2022/03/microsoft-azure-autowarp-bug-could-have.html

TPRM report: https://scoringcyber.rankiteo.com/company/azure---microsoft's-cloud-computing-platform

"id": "azu3299322",
"linkid": "azure---microsoft's-cloud-computing-platform",
"type": "Vulnerability",
"date": "03/2022",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"
{'affected_entities': [{'industry': 'Telecommunications',
                        'type': 'Telecommunications Company'},
                       {'industry': 'Automotive', 'type': 'Car Manufacturer'},
                       {'industry': 'Automotive', 'type': 'Car Manufacturer'},
                       {'industry': 'Finance', 'type': 'Banking Conglomerate'},
                       {'industry': 'Accounting',
                        'type': 'Big Four Accounting Firm'}],
 'attack_vector': 'Vulnerability Exploitation',
 'data_breach': {'type_of_data_compromised': 'Full control over resources and '
                                             'data'},
 'description': "A recently discovered vulnerability in Microsoft's Azure "
                'Automation service could permit unauthorized access to Azure '
                'customer accounts. The exploitation of the vulnerability '
                'could give the attacker full control over resources and data '
                'belonging to the targeted account. This vulnerability was '
                'recently used to attack several firms including a '
                'telecommunications company, two car manufacturers, a banking '
                'conglomerate, and big four accounting firms.',
 'impact': {'data_compromised': 'Full control over resources and data'},
 'motivation': 'Full control over resources and data',
 'title': 'Unauthorized Access to Azure Customer Accounts',
 'type': 'Unauthorized Access',
 'vulnerability_exploited': 'Azure Automation service vulnerability'}
Published by
Harshit Kaur Bhatia
Harshit Kaur Bhatia
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.