KLA20046
Multiple vulnerabilities in Microsoft Azure

Обновлено: 10/11/2022

Дата обнаружения	08/11/2022
Уровень угрозы	Critical
Описание	Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges. Below is a complete list of vulnerabilities: A remote code execution vulnerability in Azure RTOS GUIX Studio can be exploited remotely to execute arbitrary code. An elevation of privilege vulnerability in Windows Subsystem for Linux (WSL2) Kernel can be exploited remotely to gain privileges. An elevation of privilege vulnerability in Azure CycleCloud can be exploited remotely to gain privileges. A remote code execution vulnerability in Azure CLI can be exploited remotely to execute arbitrary code.
Пораженные продукты	Azure CycleCloud 8 Azure EFLOW Azure CLI Azure RTOS GUIX Studio Azure CycleCloud 7
Решение	Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Первичный источник обнаружения	CVE-2022-41051 CVE-2022-38014 CVE-2022-41085 CVE-2022-39327
Оказываемое влияние ?	ACE [?] SB [?] PE [?]
Связанные продукты	Microsoft Azure
CVE-IDS	CVE-2022-380145.0Critical CVE-2022-410515.0Critical CVE-2022-410855.0Critical CVE-2022-393275.0Critical
	Узнай статистику распространения уязвимостей в твоем регионе

KLA20046Multiple vulnerabilities in Microsoft Azure