Microsoft Azure users are being warned of a newly discovered vulnerability which can be exploited for RCE (Remote Code Execution) attacks. The vulnerability, known as 'Emojideploy', was revealed following an investigation into a suspicious FTP connection made on Christmas Day by a malicious actor. Upon further investigation, it was discovered that Microsoft Azure allowed remote users to deploy arbitrary code via FTP file transfer with no authentication required. This lack of authentication provided a vulnerable attack vector which could be exploited by an attacker to gain access to the system and execute malicious code.
The vulnerability has now been patched, however, admins are being cautioned to ensure their systems are secure against potential threats such as Emojideploy. To protect their systems, the first step should be to review their access control policies to ensure that only those with legitimate credentials are allowed access to the system. Additionally, admins should ensure that a patching strategy is in place and that any critical security updates are applied in a timely manner. Finally, cyber security monitoring solutions should be deployed to quickly detect any suspicious activity.
By understanding the risk posed by this new Microsoft Azure vulnerability and taking the necessary security measures, organizations can protect their systems against malicious actors. This is especially important for those organisations who rely on cloud computing for mission-critical applications. By staying aware of the threats and mitigating any potential risks, Azure users can prevent an exploitation of the vulnerable Emojideploy attack vector and safeguard their data.
This Cyber News was published on heimdalsecurity.com. Publication date: Mon, 23 Jan 2023 18:57:29 +0000