Synapse Analytics privilege escalation via intelligent caching

Published Thu, Mar 7th, 2024


Tenable Research discovered a privilege escalation flaw that allows a user to escalate privileges to that of the root user within the context of a Spark VM. This escalation was achieved because of a permissions issue with scripts utilized by the intelligent caching service (AKA "Vegas") present in the environment.

Affected Services

Synapse Analytics


None required

Tracked CVEs

No tracked CVEs


Disclosure Date
Thu, Jan 25th, 2024
Exploitablity Period
September 2023 - January 2024
Known ITW Exploitation
Detection Methods
Piercing Index Rating
Discovered by
Jimi Sebree, Tenable