high

Azure Open Management Infrastructure (OMI) Elevation of Privilege

Published Tue, Jun 14th, 2022
Platforms

Summary

Azure forces the installation of an agent (OMI) on Linux VMs, and this agent contained a vulnerability that allowed privilege escalation. Note that this vulnerability is distinct from OMIGOD, which also resided in the OMI agent.

Affected Services

Azure Automation, Azure Diagnostics, Azure HDInsight, Azure Stack Hub

Remediation

In some cases no manual action is required, but for most Azure services, customers must manually patch the OMI agent. See Microsoft's advisory (linked in references) for further details on how to update in each case.

Tracked CVEs

CVE-2022-29149

References

Disclosure Date: Tue, Jun 14th, 2022
Exploitability Period: -
Known ITW Exploitation: -
Detection Methods: OMI version < 1.6.9.1
Discovered by: Microsoft