Privilege escalation and file poisoning in Synapse Analytics

Published Mon, Jun 13th, 2022


Tenable Research discovered a privilege escalation flaw that allows a user to escalate privileges to that of the root user within the context of a Spark VM. They also discovered a separate flaw that allows a user to poison the hosts file on all nodes in their Spark pool, which would allow an attacker to redirect subsets of traffic and snoop on services users generally do not have access to.

Affected Services

Synapse Analytics


None required

Tracked CVEs

No tracked CVEs


Disclosure Date
Thu, Mar 10th, 2022
Exploitablity Period
Until June 1st, 2022
Known ITW Exploitation
Detection Methods
Piercing Index Rating
Discovered by