SentinelOne found critical vulnerabilities in Microsoft Azure Defender for IoT. Microsoft patched the issues. SentinelOne urges users to update as soon as possible.
SentinelLabs, the research arm of SentinelOne, found the vulnerabilities in 2021. Microsoft was notified in June. In December Microsoft published an advisory for each vulnerability: CVE-2021-42310, CVE-2021-42311, CVE-2021-42312, CVE-2021-42313 and CVE-2021-37222.
If you’re using the latest version of Microsoft Azure Defender for IoT, you have nothing to fear. Users of outdated versions should update as soon as possible.
Today, SentinelLabs disclosed how it managed to find and exploit the vulnerabilities. The vulnerabilities give an attacker access to devices protected by Microsoft Azure Defender for IoT. SentinelLabs used a weakness in Azure Password Recovery.
Some of the vulnerabilities received a CVSS score of 10: very critical. There is no evidence of cybercriminals exploiting the vulnerabilities.
Organizations use Microsoft Azure Defender for IoT to secure IoT and OT devices. Typically, IoT and OT device security completely depends on the platform. There’s no safety net. A single vulnerability can open the doors to the network, which explains the critical CVSS scores.
“Cloud providers heavily invest in securing their platforms, but unknown zero-day vulnerabilities are inevitable and put customers at risk”, shares SentinelLabs. “Cloud users should take a defense-in-depth approach to cloud security to ensure breaches are detected and contained, whether the threat comes from the outside or from the platform itself.”