Palo Alto Networks Details Exploit of Microsoft ACI Service

The Unit 42 research arm of Palo Alto Networks has revealed how it discovered vulnerabilities in the multitenant Kubernetes clusters hosted on the Azure Container Instances (ACI) cloud service provided by Microsoft. Those vulnerabilities could have been exploited to execute code on other users’ containers, steal customer secrets and images or hijack infrastructure resources to illicitly mine cryptocurrencies.

Collectively dubbed Azurescape, the vulnerabilities that Unit 42 researchers were able to compromise represent the first cross-account takeover of a public container cloud service. Since then, Unit 42 has worked with Microsoft to remediate this issue and there are no reported instances of cybercriminals exploiting the vulnerabilities discovered by Unit 42 researchers.

The root cause of the vulnerabilities can be traced back to an older version of the runC container runtime that Microsoft was still using that enabled Unit 42 researchers to escape a container running on top of a virtual machine. RunC v1.0.0-rc2, released in 2016, has at least two known vulnerabilities. Previously, Unit 42 researchers had created a WhoC container image that reads the container runtime executing it. It takes advantage of a design flaw in Linux containers to allow WhoC images to read the underlying host’s container runtime.

Armed with those insights, Unt 42 researchers were able to exploit the way Microsoft uniquely deployed Kubernetes on ACI to gain access to a JSON web token (JWT) via an authorization header to circumvent the virtual machines Microsoft was employing to isolate container images. That approach allowed Unit 42 researchers to identify a cross-tenant attack through which a malicious user could escape their container, acquire a privileged Kubernetes service account token and then take over the Kubernetes application programming interface (API) server to gain control over the multitenant cluster.

Unit 42

As a precautionary measure, Unit 42 researchers are recommending organizations revoke any privileged credentials that were deployed on ACI before Aug. 31, 2021 and to check their access logs for any anomalous behavior.

Ariel Zelivansky, a leader of the Unit 42 cloud research team, says it took his team several months to discover the Azurescape vulnerabilities and then determine how to exploit them. As such, it’s not likely the attack vector has been widely exploited. However, many nation-states have devoted extensive resources to cyberespionage efforts that allow them to patiently research how best to exploit IT platforms.

Ultimately, Azurescape is another object lesson in the need to make sure an IT platform is running the latest version of the components upon which it is built. Most of those updates, after all, were created to address known security issues. Failing to install them simply provides cybercriminals with a roadmap that shows how best to exploit a platform with the least amount of effort required.

In the meantime, it’s not likely Azurescape or other similar vulnerabilities will slow down the rate at which applications are being deployed in the cloud. Most cloud platforms are still more secure than an on-premises IT environment. However, in the wake of a series of high-profile breaches of software supply chains, a review of the processes employed to build and deploy applications is most definitely in order.

Mike Vizard

Mike Vizard is a seasoned IT journalist with over 25 years of experience. He also contributed to IT Business Edge, Channel Insider, Baseline and a variety of other IT titles. Previously, Vizard was the editorial director for Ziff-Davis Enterprise as well as Editor-in-Chief for CRN and InfoWorld.

Mike Vizard has 1452 posts and counting. See all posts by Mike Vizard