medium

AWS CloudShell terminal escape

Published Wed, Mar 10th, 2021

Platforms

Summary

If attacker controlled data is viewed in Cloudshell it could have led to code execution. This exact same issue existed in Azure previously.

Affected Services

Cloudshell

Remediation

None required

Tracked CVEs

No tracked CVEs

References

https://bugs.chromium.org/p/project-zero/issues/detail?id=2154 https://twitter.com/_fel1x/status/1391712232380194818

Contributed by https://github.com/0xdabbad00

Disclosure Date

Mon, Feb 8th, 2021

Exploitablity Period

Known ITW Exploitation

Detection Methods

Piercing Index Rating

Discovered by

Felix Wilhelm, Google

More vulnerabilities...

medium

Azure Linux VM extension credential leak

A vulnerability in the Azure Linux VM extension mechanism allowed an unprivileged user to leak any Azure VM extension’s private data. An attacker could have abused this to gain credentials for the ...

Paul Litvak (Intezer), Wout...

Tue, Mar 9th, 2021

high

Azure Cloud Shell and Container Instances breakout

An attacker could gain root privileges on their Azure Cloud Shell container, escape from the container, and then gain root privileges on the underlying node, the root cause being an insecure kubele...

Chen Cohen, eBay

Mon, Feb 15th, 2021

medium

GKE gVisor sandbox escape

A bug in the GKE gVisor sandbox's network policy implementation allowed access to the Google Compute Engine metadata API.

Bastien Chatelard, Koyeb

Wed, Dec 30th, 2020

View all