Cybersecurity researchers have uncovered three safety weaknesses in Microsoft’s Azure Knowledge Manufacturing unit Apache Airflow integration that, if efficiently exploited, may have allowed an attacker to realize the power to conduct varied covert actions, together with information exfiltration and malware deployment.
“Exploiting these flaws may enable attackers to realize persistent entry as shadow directors over all the Airflow Azure Kubernetes Service (AKS) cluster,” Palo Alto Networks Unit 42 stated in an evaluation revealed earlier this month.
The vulnerabilities, albeit categorised as low severity by Microsoft, are listed under –
- Misconfigured Kubernetes RBAC in Airflow cluster
- Misconfigured secret dealing with of Azure’s inside Geneva service, and
- Weak authentication for Geneva
Moreover acquiring unauthorized entry, the attacker may reap the benefits of the issues within the Geneva service to probably tamper with log information or ship pretend logs to keep away from elevating suspicion when creating new pods or accounts.
The preliminary entry approach includes crafting a directed acyclic graph (DAG) file and importing it to a personal GitHub repository related to the Airflow cluster, or altering an current DAG file. The top objective is to launch a reverse shell to an exterior server as quickly because it’s imported.
To tug this off, the risk actor should first achieve write permissions to the storage account containing DAG recordsdata by using a compromised service principal or a shared entry signature (SAS) token for the recordsdata. Alternatively, they’ll break right into a Git repository utilizing leaked credentials.
Though the shell obtained on this method was discovered to be operating underneath the context of the Airflow consumer in a Kubernetes pod with minimal permissions, additional evaluation recognized a service account with cluster-admin permissions related to the Airflow runner pod.
This misconfiguration, coupled with the truth that the pod may very well be reachable over the web, meant that the attacker may obtain the Kubernetes command-line software kubectl and in the end take full management of all the cluster by “deploying a privileged pod and breaking out onto the underlying node.”
The attacker may then leverage the basis entry to the host digital machine (VM) to burrow deeper into the cloud surroundings, achieve unauthorized entry to Azure-managed inside assets, together with Geneva, a few of which grant write entry to storage accounts and occasion hubs.
“This implies a complicated attacker may modify a susceptible Airflow surroundings,” safety researchers Ofir Balassiano and David Orlovsky stated. “For instance, an attacker may create new pods and new service accounts. They may additionally apply modifications to the cluster nodes themselves after which ship pretend logs to Geneva with out elevating an alarm.”
“This problem highlights the significance of fastidiously managing service permissions to forestall unauthorized entry. It additionally highlights the significance of monitoring the operations of essential third-party providers to forestall such entry.”
The disclosure comes because the Datadog Safety Labs detailed a privilege escalation state of affairs in Azure Key Vault that might allow customers with the Key Vault Contributor function to learn or modify Key Vault contents, comparable to API keys, passwords, authentication certificates, and Azure Storage SAS tokens.
The issue is that whereas a consumer with the Key Vault Contributor function had no direct entry to Key Vault information over a key vault configured with entry insurance policies, it was found that the function did include permissions so as to add itself to Key Vault entry insurance policies and entry Key Vault information, successfully bypassing the restriction.
“A coverage replace may comprise the power to listing, view, replace and customarily handle the information inside the important thing vault,” safety researcher Katie Knowles stated. “This created a state of affairs the place a consumer with the Key Vault Contributor function may achieve entry to all Key Vault information, regardless of having no [Role-Based Access Control] permission to handle permissions or view information.”
Microsoft has since up to date its documentation to emphasise the entry coverage danger, stating: “To stop unauthorized entry and administration of your key vaults, keys, secrets and techniques, and certificates, it is important to restrict Contributor function entry to key vaults underneath the Entry Coverage permission mannequin.”
The event additionally follows the invention of a problem with Amazon Bedrock CloudTrail logging that made it tough to distinguish malicious queries from reputable ones made to massive language fashions (LLMs), thereby permitting dangerous actors to conduct reconnaissance with out elevating any alert.
“Particularly, failed Bedrock API calls have been logged in the identical method as profitable calls, with out offering any particular error codes,” Sysdig researcher Alessandro Brucato stated.
“The shortage of error data in API responses could hinder detection efforts by producing false positives in CloudTrail logs. With out this element, safety instruments could misread regular exercise as suspicious, resulting in pointless alerts and potential oversight of real threats.”
