Azure on-premises data gateway cross-tenant access

Published Thu, Mar 30th, 2023


Azure on-premises data gateway allows data transfer between an on-prem customer network and several Azure cloud services, and also enables a connected agent installed locally in an on-prem network to perform certain actions remotely. NetSPI discovered a deserialization issue in Microsoft Power Platform connectors that led to RCE on several Azure backend servers that processed callbacks from on-premises data gateways, effectively allowing unauthorized cross-tenant access.

Affected Services

On-premises data gateway


None required

Tracked CVEs

No tracked CVEs


Disclosure Date
Fri, Sep 30th, 2022
Exploitability Period
Known ITW Exploitation
Detection Methods
Piercing Index Rating
Discovered by
Nick Landers, NetSPI