Azure on-premises data gateway allows data transfer between an on-prem customer network and
several Azure cloud services, and also enables a connected agent installed locally in an
on-prem network to perform certain actions remotely. NetSPI discovered a deserialization
issue in Microsoft Power Platform connectors that lead to RCE on several Azure backend
servers that processed call backs from on-premises data gateways, effectively allowing
unauthorized cross-tenant access.
On-premises data gateway
No tracked CVEs