Azure Guest Agent Design Enables Plaintext Password Theft

guest · Mar 20, 2018

Azure Guest Agent Design Enables Plaintext Password Theft
Researchers find attackers can abuse the design of Microsoft Azure Guest Agent to recover plaintext administrator passwords.
March 20, 2018
https://www.darkreading.com/vulnera...bles-plaintext-password-theft-/d/d-id/1331317

"When we looked into the communication channels between the guest agent and the underlying infrastructure, we were alarmed by the way the guest agent handles sensitive information," says Ofri Ziv, head of Guardicore Labs. [...]
Microsoft says the attack method divulged by Guardicore doesn't constitute a security vulnerability, however.
[...] Guardicore approached the company with its findings 6 months ago, says Ziv, and Microsoft reported the behavior is "by design."

For the attack to be possible, the machine has to have used the VM Access plugin to reset a password at least once. The attacker must also have admin permissions to the Azure machine. With privileged access, it's "fairly easy" to take advantage of this flaw, he points out. [...]
Click to expand...

Log in or Sign up

Azure Guest Agent Design Enables Plaintext Password Theft

guest Guest

Log in or Sign up

Azure Guest Agent Design Enables Plaintext Password Theft

guest Guest

Useful Searches