Users of Azure who run Linux virtual machines can be unaware that Microsoft has put a highly susceptible piece of management software on their machine that can be remotely exploited in a surprise and equally unwise way.
An attacker can acquire root access on a remote system by sending a single packet with the authentication header removed, according to Wiz.io, which discovered four vulnerabilities in Microsoft’s Open Management Infrastructure project.
Wiz security researcher Nir Ohfeld commented, “This is a typical RCE vulnerability that businesses would expect to see in the 1990s—quite it’s odd to have one pop up in 2021 that potentially exposes millions of endpoints.”
To Read More: ZDNet
For more such updates follow us on Google News ITsecuritywire News.