Vulnerabilities Threats

English Russian Japanese LatAm Türkiye Brasil France Český Deutschland

KLA20046
Multiple vulnerabilities in Microsoft Azure

Updated: 11/10/2022
Detect date
?
 11/08/2022
Severity
?
 Critical
Description

Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges.

Below is a complete list of vulnerabilities:

  1. A remote code execution vulnerability in Azure RTOS GUIX Studio can be exploited remotely to execute arbitrary code.
  2. An elevation of privilege vulnerability in Windows Subsystem for Linux (WSL2) Kernel can be exploited remotely to gain privileges.
  3. An elevation of privilege vulnerability in Azure CycleCloud can be exploited remotely to gain privileges.
  4. A remote code execution vulnerability in Azure CLI can be exploited remotely to execute arbitrary code.
Affected products

Azure CycleCloud 8
Azure EFLOW
Azure CLI
Azure RTOS GUIX Studio
Azure CycleCloud 7
Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Original advisories

CVE-2022-41051
CVE-2022-38014
CVE-2022-41085
CVE-2022-39327
Impacts
?
ACE 
[?]

SB 
[?]

PE 
[?]
Related products
 Microsoft Azure
CVE-IDS
?
CVE-2022-380145.0Critical
CVE-2022-410515.0Critical
CVE-2022-410855.0Critical
CVE-2022-393275.0Critical
Find out the statistics of the vulnerabilities spreading in your region
© 2023 AO Kaspersky Lab. All Rights Reserved.
Privacy Policy Cookies

Up