Palo Alto Networks’ research arm, Unit 42, revealed how it found vulnerabilities in the multi-tenant Kubernetes clusters hosted on the Azure Container Instances (ACI). The flaws could have been exploited to execute code on users’ containers, steal data or hijack resources to mine cryptocurrencies.
The set of vulnerabilities is called Azurescape. By chaining the flaws, the researchers achieved what they describe as the first cross-account takeover of a public container cloud service. Since then, Unit 42 has been working with Microsoft to remediate the issues, with no reported instances of cybercriminals exploiting the flaws in the wild.
The source
The vulnerabilities were traced back to an older version of the runC container runtime that Microsoft was still using, which allowed the researchers to escape a container running on top of a virtual machine. runC v1.0.0-rc2 came out in 2016 and has at least two known flaws.
Previously, Unit 42 researchers had created WhoC, a container image that reads the container runtime executing it. It relies on a design flaw in Linux containers that allows a WhoC image to read the underlying host’s container runtime. With that in mind, Unit 42 was able to exploit the way Microsoft uniquely deployed Kubernetes on ACI to access a JSON web token (JWT).
How the exploit works
The group was able to use that token in an authorization header to circumvent the virtual machines Microsoft was using to isolate container images. Subsequently, the researchers identified a cross-tenant attack in which a malicious user could escape their container, obtain a privileged Kubernetes service account token and then take over the Kubernetes API server to control the multi-tenant cluster.
Unit 42 researchers are recommending organizations revoke any privileged credentials deployed on ACI before August 31, 2021, and check logs for anomalous behaviour.
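One practical way to act on that recommendation is to inventory service account tokens by their issue date. The following is an added example written for this article, not code from Unit 42 or Microsoft; it assumes the credentials are Kubernetes service account tokens in JWT form, and the sample tokens it checks are constructed inline. It flags any token issued before the 31 August 2021 cutoff, and also flags legacy tokens that carry no `iat` claim at all, since their age cannot be established.

```python
import base64
import json
from datetime import datetime, timezone
from typing import Tuple

# Cutoff taken from the advisory: credentials deployed on ACI before this date should be revoked.
CUTOFF = datetime(2021, 8, 31, tzinfo=timezone.utc)

def _b64url_decode(segment: str) -> bytes:
    # JWT segments are base64url without padding; restore padding before decoding.
    segment += "=" * (-len(segment) % 4)
    return base64.urlsafe_b64decode(segment)

def jwt_claims(token: str) -> dict:
    """Return the payload claims of a JWT without verifying its signature.
    Verification is deliberately skipped: this is an inventory check, not authentication."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a JWS compact serialization")
    return json.loads(_b64url_decode(parts[1]))

def needs_revocation(token: str, cutoff: datetime = CUTOFF) -> Tuple[bool, str]:
    """Decide whether a token should be rotated, with a short reason."""
    claims = jwt_claims(token)
    iat = claims.get("iat")
    if iat is None:
        # Legacy (non-bound) service account tokens have no iat and never expire;
        # their age is unknown, so rotate them.
        return True, "no iat claim (legacy long-lived token)"
    issued = datetime.fromtimestamp(iat, tz=timezone.utc)
    if issued < cutoff:
        return True, f"issued {issued.isoformat()} before cutoff"
    return False, f"issued {issued.isoformat()} after cutoff"

def _make_unsigned_jwt(claims: dict) -> str:
    # Constructed sample token for offline testing only (alg "none", empty signature).
    enc = lambda d: base64.urlsafe_b64encode(json.dumps(d).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none', 'typ': 'JWT'})}.{enc(claims)}."

# Constructed samples: issued 2021-07-01, issued 2022-01-01, and a legacy token with no iat.
SAMPLE_OLD = _make_unsigned_jwt({"sub": "system:serviceaccount:kube-system:sample", "iat": 1625097600})
SAMPLE_NEW = _make_unsigned_jwt({"sub": "system:serviceaccount:default:sample", "iat": 1640995200})
SAMPLE_LEGACY = _make_unsigned_jwt({"sub": "system:serviceaccount:default:legacy"})

if __name__ == "__main__":
    for name, tok in [("old", SAMPLE_OLD), ("new", SAMPLE_NEW), ("legacy", SAMPLE_LEGACY)]:
        print(name, needs_revocation(tok))
```

In a real cluster, tokens mounted into pods can be read from the pod's service account secret or projected volume and fed to `needs_revocation` the same way.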