Quote:A critical security vulnerability allowing attackers to perform cross-account container takeover in Microsoft’s public cloud, dubbed “Azurescape”, has been uncovered by researchers.
The issue exists in Azure Container Instances (ACI), which is Microsoft’s container-as-a-service (CaaS) offering (which enables users to run cloud containers without having to deal with managing the underlying infrastructure). Part of the infrastructure hosting ACI consists of multitenant Kubernetes clusters, which can be compromised to allow cyberattackers to gain full control over other users’ containers, researchers from Palo Alto Networks’ Unit 42 team explained.
“A malicious Azure user could have exploited these issues to execute code on other users’ containers, steal customer secrets and images deployed to the platform, and possibly abuse ACI’s infrastructure for cryptomining,” they said in a Thursday posting.
Microsoft has rolled out a patch to ACI, but users should revoke any privileged credentials that were deployed to the platform before Aug. 31 to avoid compromise. They should also review access logs for any irregularities, Unit 42 recommended.
Read more: 'Azurescape' Kubernetes Attack Allows Cross-Container Cloud Compromise | Threatpost
![[-]](https://www.geeks.fyi/images/collapse.png)
