Rewterz Threat Advisory – Multiple Microsoft Azure Site Recovery Vulnerabilities

Severity

High

Analysis Summary

CVE-2022-35824 CVSS:7.2
Microsoft Azure Site Recovery could allow a remote authenticated attacker to execute arbitrary code on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2022-35821 CVSS:4.4
Microsoft Azure Sphere could allow a local authenticated attacker to obtain sensitive information. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information and then use this information to launch further attacks against the affected system.

CVE-2022-35819 CVSS:6.5
Microsoft Azure Site Recovery could allow a remote authenticated attacker to gain elevated privileges on the system. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.

CVE-2022-35818 CVSS:6.5
Microsoft Azure Site Recovery could allow a remote authenticated attacker to gain elevated privileges on the system. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.

CVE-2022-35817 CVSS:6.5
Microsoft Azure Site Recovery could allow a remote authenticated attacker to gain elevated privileges on the system. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.

CVE-2022-35816 CVSS:6.5
Microsoft Azure Site Recovery could allow a remote authenticated attacker to gain elevated privileges on the system. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.

CVE-2022-35815 CVSS:6.5
Microsoft Azure Site Recovery could allow a remote authenticated attacker to gain elevated privileges on the system. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.

CVE-2022-35814 CVSS:6.5
Microsoft Azure Site Recovery could allow a remote authenticated attacker to gain elevated privileges on the system. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.

CVE-2022-35813 CVSS:6.5
Microsoft Azure Site Recovery could allow a remote authenticated attacker to gain elevated privileges on the system. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.

CVE-2022-35812 CVSS:4.4
Microsoft Azure Site Recovery could allow a remote authenticated attacker to gain elevated privileges on the system. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.

CVE-2022-35811 CVSS:6.5
Microsoft Azure Site Recovery could allow a remote authenticated attacker to gain elevated privileges on the system. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.

CVE-2022-35810 CVSS:6.5
Microsoft Azure Site Recovery could allow a remote authenticated attacker to gain elevated privileges on the system. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.

CVE-2022-35809 CVSS:6.5
Microsoft Azure Site Recovery could allow a remote authenticated attacker to gain elevated privileges on the system. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.

CVE-2022-35808 CVSS:6.5
Microsoft Azure Site Recovery could allow a remote authenticated attacker to gain elevated privileges on the system. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.

CVE-2022-35807 CVSS:6.5
Microsoft Azure Site Recovery could allow a remote authenticated attacker to gain elevated privileges on the system. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.

CVE-2022-35791 CVSS:6.5
Microsoft Azure Site Recovery could allow a remote authenticated attacker to gain elevated privileges on the system. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.

CVE-2022-35790 CVSS:6.5
Microsoft Azure Site Recovery could allow a remote authenticated attacker to gain elevated privileges on the system. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.

CVE-2022-35789 CVSS:6.5
Microsoft Azure Site Recovery could allow a remote authenticated attacker to gain elevated privileges on the system. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.

CVE-2022-35788 CVSS:6.5
Microsoft Azure Site Recovery could allow a remote authenticated attacker to gain elevated privileges on the system. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.

CVE-2022-35787 CVSS:4.9
Microsoft Azure Site Recovery could allow a remote authenticated attacker to gain elevated privileges on the system. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.

CVE-2022-35786 CVSS:6.5
Microsoft Azure Site Recovery could allow a remote authenticated attacker to gain elevated privileges on the system. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.

CVE-2022-35785 CVSS:6.5
Microsoft Azure Site Recovery could allow a remote authenticated attacker to gain elevated privileges on the system. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.

CVE-2022-35784 CVSS:6.5
Microsoft Azure Site Recovery could allow a remote authenticated attacker to gain elevated privileges on the system. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.

CVE-2022-35783 CVSS:6.5
Microsoft Azure Site Recovery could allow a remote authenticated attacker to gain elevated privileges on the system. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.

CVE-2022-35782 CVSS:6.5
Microsoft Azure Site Recovery could allow a remote authenticated attacker to gain elevated privileges on the system. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.

Impact

• Code Execution
• Information Disclosure
• Privilege Escalation

Indicators Of Compromise

CVE

• CVE-2022-35824
• CVE-2022-35821
• CVE-2022-35819
• CVE-2022-35818
• CVE-2022-35817
• CVE-2022-35816
• CVE-2022-35815
• CVE-2022-35814
• CVE-2022-35813
• CVE-2022-35812
• CVE-2022-35811
• CVE-2022-35810
• CVE-2022-35809
• CVE-2022-35808
• CVE-2022-35807
• CVE-2022-35791
• CVE-2022-35790
• CVE-2022-35789
• CVE-2022-35788
• CVE-2022-35787
• CVE-2022-35786
• CVE-2022-35785
• CVE-2022-35784
• CVE-2022-35783
• CVE-2022-35782

Affected Vendors

Microsoft

Affected Products

Microsoft Azure Site Recovery VMWare to Azure

Remediation

Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.

Microsoft Security TechCenter