KLA20004 Multiple vulnerabilities in Microsoft Azure

Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to gain privileges, spoof user interface.

Below is a complete list of vulnerabilities:

1. An elevation of privilege vulnerability in Azure Arc-enabled Kubernetes cluster Connect can be exploited remotely to gain privileges.
2. An elevation of privilege vulnerability in StorSimple 8000 Series can be exploited remotely to gain privileges.
3. A spoofing vulnerability in Service Fabric Explorer can be exploited remotely to spoof user interface.

Original advisories

CVE-2022-37968

CVE-2022-38017

CVE-2022-35829

Exploitation

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

Microsoft-Edge

Microsoft-Azure

CVE list

CVE-2022-37968 critical

CVE-2022-38017 high

CVE-2022-35829 warning

KB list

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Impacts

• PE

Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.

• SUI

Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in user interface to beguile user into inaccurate behavior.

Affected Products

• Azure Service Fabric ExplorerAzure Arc-enabled Kubernetes cluster 1.8.11Azure StorSimple 8000 SeriesAzure Arc-enabled Kubernetes cluster 1.5.8Azure Arc-enabled Kubernetes cluster 1.7.18Azure Arc-enabled Kubernetes cluster 1.6.19Azure Stack Edge