Rewterz Threat Advisory – Multiple Microsoft Azure Vulnerabilities

Severity

High

Analysis Summary

CVE-2023-36418 CVSS: 7.8

Microsoft Azure could allow a local attacker to execute arbitrary code on the system, caused by a flaw in the RTOS GUIX Studio component. By executing a specially crafted program, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2023-36415 CVSS: 8.8

Microsoft Azure DevOps Server could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an integer overflow. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2023-36419 CVSS: 8.8

Microsoft Azure HDInsight could allow a remote authenticated attacker to gain elevated privileges on the system, caused by a flaw in the Apache Oozie Workflow Scheduler component. By sending a specially crafted request, an attacker could exploit this vulnerability to escalate privileges.

CVE-2023-36414 CVSS: 8.8

Microsoft Azure Identity SDK could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an integer overflow. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2023-36561 CVSS: 7.3

Microsoft Azure DevOps Server could allow a remote attacker to gain elevated privileges on the system. By sending a specially crafted request, an attacker could exploit this vulnerability to escalate privileges.

CVE-2023-36737 CVSS: 7.8

Microsoft Azure Network Watcher VM Extension could allow a local authenticated attacker to gain elevated privileges on the system. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges.

Impact

  • Code Execution
  • Privilege Escalation

Indicators Of Compromise

CVE

  • CVE-2023-36418
  • CVE-2023-36415
  • CVE-2023-36419
  • CVE-2023-36414
  • CVE-2023-36561
  • CVE-2023-36737

Affected Vendors

Microsoft

Affected Products

  • Microsoft Azure HDInsight
  • Microsoft Azure DevOps Server 2022.0.1
  • Microsoft Azure Network Watcher VM Extension
  • Microsoft Azure DevOps Server 2020.1.2
  • Microsoft Azure DevOps Server 2020.0.2
  • Microsoft Azure Identity SDK
  • Microsoft Azure RTOS GUIX Studio Installer Application
  • Microsoft Azure RTOS GUIX Studio

Remediation

Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.

CVE-2023-36418

CVE-2023-36415

CVE-2023-36419

CVE-2023-36414

CVE-2023-36561

CVE-2023-36737