December 3, 2023

Microsoft has addressed a critical RCE flaw, tracked as CVE-2022-29972 and named SynLapse, resides in thrid party driver that used by Azure Synapse and Azure Data Factory discovered by researchers from orca security

This vulnerability was specific to the third-party ODBC driver used to connect to Amazon Redshift in Azure Synapse pipelines and Azure Data Factory Integration Runtime and did not impact Azure Synapse on a larger extent. The vulnerability could have allowed an attacker to perform RCE across IR infrastructure not limited to a single tenant.

Advertisements

A threat actor can exploit this flaw to acquire the Azure Data Factory service certificate and execute commands in another tenant’s Azure Data Factory Integration Runtimes.

This has been speculated that the tenant separation is not sufficiently robust to prevent users from accessing sensitive data of other tenants, including Azure’s service keys, API tokens, and passwords to other services.

Experts discovered the SynLapse issue in January 4 and fixed it on April 15. Microsoft also said it didn’t found no evidence of attacks exploiting this flaw in the wild.

Tags:

1 thought on “Azure Synapse RCE Fixed by Microsoft

  1. Pingback: Synlapse Vulnerability- RCE Detailed Report - TheCyberThrone

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

You may have missed

TheCyberThrone CyberSecurity Newsletter Top 5 Articles – November, 2023

December 2, 2023

Staples affected by a Cyber Attack

December 2, 2023

CISA KEV Update Part I – December 2023

December 1, 2023 2

Dollar Tree Affected by a Third Party Breach

December 1, 2023

Apple Patches iOS zerodays – CVE-2023-42916 and CVE-2023-42917

December 1, 2023

TheCyberThrone Security Week In Review – November 25, 2023

November 30, 2023
%d bloggers like this: