Microsoft Mitigates RCE Vulnerability.

0
3218

Security flaw mitigated.
Vulnerability codenamed SynLapse.
Resolution to security flaw addressed on 4/15.

Introduction:
Microsoft on Monday disclosed that it mitigated a security flaw affecting Azure Synapse and Azure Data Factory that, if successfully exploited, could result in remote code execution.

Details:
The vulnerability, tracked as CVE-2022-29972, has been codenamed ‘SynLapse’ by researchers who reported the flaw to Microsoft in January 2022. The vulnerability was specific to the third-party Open Database Connectivity (ODBC) driver used to connect to Amazon Redshift in Azure Synapse pipelines and Azure Data Factory Integration Runtime (IR) and did not impact Azure Synapse as a whole. The vulnerability could have allowed an attacker to perform remote command execution across IR infrastructure not limited to a single tenant.

Currently:
A malicious actor can weaponize the bug to acquire the Azure Data Factory service certificate and access another tenant’s Integration Runtimes to gain access to sensitive information, effectively breaking tenant separation protections. The tech giant, which resolved the security flaw on April 15, said it found no evidence of misuse or malicious activity associated with the vulnerability in the wild.

Additional Security Info:
The Redmond-based company has shared Microsoft Defender for Endpoint and Microsoft Defender Antivirus detections to protect customers from potential exploitation, adding it’s working to bolster the security of third-party data connectors by working with driver vendors. The findings come a little over two months after Microsoft remediated an ‘AutoWarp’ flaw impacting its Azure Automation service that could have permitted unauthorized access to other Azure customer accounts and take over control.

Closing:
Last month, Microsoft also resolved a pair of issues dubbed ‘ExtraReplica’ with the Azure Database for PostgreSQL Flexible Server that could result in unapproved cross-account database access in a region.

Reference link for the full story:
Microsoft Mitigates RCE Vulnerability Affecting Azure Synapse and Data Factory

This information is brought to you by Vectech Solutions, The Gold Standard in Cybersecurity

#microsoft #azuredatafactory #azuresynapse