Palo Alto Networks Details Exploit of Microsoft ACI Service

The Unit 42 research arm of Palo Alto Networks has revealed how it discovered vulnerabilities in the multitenant Kubernetes clusters hosted on the Azure Container Instances (ACI) cloud service provided by Microsoft. Those vulnerabilities could have been exploited to execute code on other users’ containers, steal customer secrets and images or hijack infrastructure resources to illicitly mine cryptocurrencies.

Collectively dubbed Azurescape, the vulnerabilities that Unit 42 researchers were able to compromise represent the first cross-account takeover of a public container cloud service. Since then, Unit 42 has worked with Microsoft to remediate this issue and there are no reported instances of cybercriminals exploiting the vulnerabilities discovered by Unit 42 researchers.

The root cause of the vulnerabilities can be traced back to an older version of the runC container runtime that Microsoft was still using that enabled Unit 42 researchers to escape a container running on top of a virtual machine. RunC v1.0.0-rc2, released in 2016, has at least two known vulnerabilities. Previously, Unit 42 researchers had created a WhoC container image that reads the container runtime executing it. It takes advantage of a design flaw in Linux containers to allow WhoC images to read the underlying host’s container runtime.

Armed with those insights, Unt 42 researchers were able to exploit the way Microsoft uniquely deployed Kubernetes on ACI to gain access to a JSON web token (JWT) via an authorization header to circumvent the virtual machines Microsoft was employing to isolate container images. That approach allowed Unit 42 researchers to identify a cross-tenant attack through which a malicious user could escape their container, acquire a privileged Kubernetes service account token and then take over the Kubernetes application programming interface (API) server to gain control over the multitenant cluster.

Unit 42

As a precautionary measure, Unit 42 researchers are recommending organizations revoke any privileged credentials that were deployed on ACI before Aug. 31, 2021 and to check their access logs for any anomalous behavior.

Ariel Zelivansky, a leader of the Unit 42 cloud research team, says it took his team several months to discover the Azurescape vulnerabilities and then determine how to exploit them. As such, it’s not likely the attack vector has been widely exploited. However, many nation-states have devoted extensive resources to cyberespionage efforts that allow them to patiently research how best to exploit IT platforms.

Ultimately, Azurescape is another object lesson in the need to make sure an IT platform is running the latest version of the components upon which it is built. Most of those updates, after all, were created to address known security issues. Failing to install them simply provides cybercriminals with a roadmap that shows how best to exploit a platform with the least amount of effort required.

In the meantime, it’s not likely Azurescape or other similar vulnerabilities will slow down the rate at which applications are being deployed in the cloud. Most cloud platforms are still more secure than an on-premises IT environment. However, in the wake of a series of high-profile breaches of software supply chains, a review of the processes employed to build and deploy applications is most definitely in order.

Mike Vizard

Mike Vizard is a veteran IT journalist with more than 25 years of experience covering the technology industry, having previously served as Editor-in-Chief of both CRN and InfoWorld and as editorial director for Ziff-Davis Enterprise, where he oversaw titles including eWEEK, CIO Insight and Baseline. Over his career he has also edited or contributed to a wide range of enterprise technology publications, including IT Business Edge, Channel Insider, ComputerWorld, TMCNet and Digital Review, and he later led editorial for CTOEdge.com. His reporting and analysis span software development, cloud computing, cybersecurity, IT channel strategy and, more recently, artificial intelligence and DevOps practices. A recognized voice in enterprise IT journalism, Vizard is known for tracking emerging technology trends as they move from early adoption into mainstream enterprise use. He now serves as Chief Content Officer for Techstrong Group, where he oversees editorial strategy across the full network — DevOps.com, Security Boulevard, Cloud Native Now, Digital CxO, Techstrong.ai, TechStrong.IT, Techstrong Semi and PlatformEngineering.com — in addition to writing and hosting content for Techstrong TV and the Techstrong Gang podcast.

    Mike Vizard has 1813 posts and counting. See all posts by Mike Vizard