Azure Functions Weakness Allows Privilege Escalation

A vulnerability in Microsoft’s Azure Functions cloud container, dubbed “Royal Flush” by Intezer researchers, could potentially allow threat actors to escalate privileges and escape the container, according to Threatpost. The researchers discovered that the --privileged Docker flag enabled in Azure Functions containers allows device files in the /dev directory to be shared between the container guest and the Docker host, and that the devices also have read-write permissions for “others.” That combination could allow an attacker to gain privileges to perform unauthorized actions such as reading files from the file system and, if able to reach root privilege, to use one of various Docker escape methods to escape to the Docker host. In their analysis, the researchers demonstrated their use of the debugfs utility on a local test container to traverse the Azure Functions file system, directly edit files inside and instigate a “preload-hijack” prior to spreading malicious code on the Docker host. Microsoft Security Response Center has been informed of the vulnerability but determined that it “has no security impact on Azure Functions users” and will not release a patch, though the researchers stressed that the vulnerability could still pose a danger when exploited by an advanced attacker.
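A defender-side check for the condition described above, as an added example that is not from Intezer, Microsoft or the original article: it flags block devices under /dev that grant read or write to “others” and reports whether the capability bounding set looks like that of a privileged container. Limiting the scan to block devices, the choice of capabilities to flag, and the sample CapBnd values are assumptions of this example.

```python
import os
import stat

# Capability bit numbers from linux/capability.h; which ones to flag is this example's choice.
RISKY_CAPS = {"CAP_SYS_RAWIO": 17, "CAP_SYS_ADMIN": 21}

# Constructed /proc/<pid>/status excerpts (not captured from Azure Functions).
SAMPLE_PRIVILEGED = "Name:\tsh\nCapEff:\t0000000000000000\nCapBnd:\t0000003fffffffff\n"
SAMPLE_DEFAULT = "Name:\tsh\nCapEff:\t0000000000000000\nCapBnd:\t00000000a80425fb\n"


def others_access(mode):
    """Return 'r', 'w', 'rw' or '' for the 'others' bits of a block device mode."""
    if not stat.S_ISBLK(mode):  # char devices such as /dev/null are 0666 by design
        return ""
    return ("r" if mode & stat.S_IROTH else "") + ("w" if mode & stat.S_IWOTH else "")


def risky_block_devices(dev_root="/dev"):
    """List (path, access, perms) for block devices that 'others' can open."""
    findings = []
    for dirpath, _dirs, names in os.walk(dev_root):
        for name in names:
            path = os.path.join(dirpath, name)
            try:
                mode = os.lstat(path).st_mode  # lstat: do not follow symlinks
            except OSError:
                continue
            access = others_access(mode)
            if access:
                findings.append((path, access, stat.filemode(mode)))
    return sorted(findings)


def bounding_caps(status_text):
    """Names of flagged capabilities present in CapBnd of a /proc/<pid>/status text."""
    for line in status_text.splitlines():
        if line.startswith("CapBnd:"):
            mask = int(line.split()[1], 16)
            return sorted(n for n, bit in RISKY_CAPS.items() if (mask >> bit) & 1)
    return []


if __name__ == "__main__":
    with open("/proc/self/status") as fh:
        print("flagged bounding caps:", bounding_caps(fh.read()))
    for path, access, perms in risky_block_devices():
        print(f"{perms} {path}: others={access}")
```

Run inside the container as the unprivileged application user; any output line for a disk device means that user can open the host-shared device directly.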
Jill Aitoro

Jill Aitoro is senior vice president of content strategy for CyberRisk Alliance. She has more than 20 years of experience editing and reporting on technology, business and policy. Prior to joining CRA, she worked at Sightline Media as editor of Defense News and executive editor of the Business-to-Government Group. She previously worked at Washington Business Journal and Nextgov, covering federal technology, contracting and policy, as well as CMP Media’s VARBusiness and CRN and Penton Media’s iSeries News.
