External initialization of trusted variables or data stores in Azure Entra ID allows an unauthorized attacker to elevate privileges locally.
According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to prepare the target environment to improve exploit reliability. How could an attacker exploit this vulnerability? An unprivileged local user on an affected Azure Linux VM can obtain root privileges. How can customers update the Microsoft Azure AD SSH Login extension for Linux? Customers update the Azure AD SSH Login extension by using their Linux distribution’s package manager to install the latest version of the aadsshlogin package. Systems with the extension already installed have packages.microsoft.com configured automatically, so no additional setup is required. Depending on the Linux distribution, customers should run one of the following commands: Ubuntu or Debian: sudo apt update aadsshlogin RHEL-based distributions (RHEL, CentOS, Rocky Linux, AlmaLinux, Oracle Linux): sudo dnf update aadsshlogin SUSE-based distributions (SLES, openSUSE): sudo zypper update aadsshlogin
<a href="https://x.com/sagitz_">Sagi Tzadik</a> with <a href="https://www.wiz.io/">Wiz</a>