AutoWarp Vulnerability Executive Summary
- AutoWarp is a critical vulnerability in the Azure Automation service that allows access to the internal server managing the Azure sandbox.
- The web services run locally on random high ports, and the JWT tokens they return carry the subscription ID, tenant ID, and automation account resource ID.
- Through these random ports an attacker can obtain the JWTs of other customers' Azure accounts and use them to access those accounts.
Microsoft Azure Automation Service
Microsoft Azure is a cloud platform offering process automation alongside computing, analytics, network, and storage services. Users can leverage Microsoft Azure Automation to execute automation code in a controlled environment, create and schedule jobs, and supply inputs and collect outputs. Each user's automation code runs in a sandbox, segregated from other users' code running on the same virtual machine.
What is AutoWarp Automation Security Vulnerability?
AutoWarp is a critical vulnerability in the Azure Automation service that allows unauthorized access to other Azure customer accounts. Depending on the permissions granted by the customer, this attack could result in complete control over the target account’s resources and data.
Using exposed JWTs (JSON Web Tokens), the vulnerability permits unauthorized access to other people's Azure accounts. The researcher triggered it by sending a GET request to discover local endpoints, which in turn returned a JWT. If the managed identity has been granted sufficient permissions, the JWT maps directly to that managed identity, granting access to the account.
Any user of the Azure Automation service is vulnerable to AutoWarp. In particular, any Automation account with the Managed Identity feature turned on (usually enabled by default) is immediately susceptible. Microsoft mitigated the issue by blocking access to Managed Identity tokens from all sandbox environments except the one that had legitimate access to them.
AutoWarp is the third major Azure flaw disclosed recently. Azure also suffered the OMIGOD remote code execution vulnerability in September 2021 and the NotLegit vulnerability in December 2021, which allowed unauthorized file downloads and had persisted for four years.
AutoWarp Discovery Timeline
- 6 December 2021: The AutoWarp vulnerability was identified and disclosed to Microsoft.
- 7 December 2021: Large companies, including a global telecommunications company, two car manufacturers, a banking conglomerate, and big four accounting firms, were identified as affected by the flaw.
- 10 December 2021: Microsoft patched the vulnerability and began investigating for further instances of the attack.
- 7 March 2022: Microsoft's investigation was completed and its results were made public.
- Inside the sandbox, the C: drive holds two directories named Orchestrator and temp. Orchestrator contains a file named sandbox, which appears to describe how the sandbox is run; temp contains a "diags" directory with a file named "trace.log".
- The trace.log file reveals an intriguing endpoint: a web service running locally on random ports, with very high port numbers around 40,000.
- The Orchestrator directory contains .NET code that discloses two routes, "/oauth2/token" and "/metadata/identity/oauth2/token", both mapped to a controller called MSIController.
- The MSIController class contains a method named "GetMSIToken", which returns the access token when called with the GET parameter referenced in the function.
- Once the request succeeds, the response contains the JWT, which carries the subscription ID, tenant ID, and automation account resource ID.
- The token can be validated with the Azure CLI; if the automation account's managed identity has been granted permissions, the token maps to that managed identity.
- Mapping the token to the managed identity is by itself expected behaviour. The actual flaw lies in the local service listening on those high random ports: each automation job is served on a different port, but the ports stay within a range around 40,000.
- Since each of these ports serves a JWT, and the endpoints on the other ports belong to other users' Azure accounts, the JWT of another customer's account can be obtained directly. If the permissions granted to that identity are broad enough, the attacker obtains complete access to that Azure account.
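As an added example (not code from the original article, from Orca or from Microsoft), the following scoping check is what a runbook could run on the token it receives: it decodes the JWT payload and compares the tenant ID and the automation account resource ID carried in the token against the account the runbook is supposed to run as, so that a token issued for a different customer's account is flagged instead of used. Assumptions: the token is taken to carry the tenant ID and managed identity resource ID under the `tid` and `xms_mirid` claims, the `EXPECTED` values and both sample tokens are constructed for this example, and the signature is not verified, so this is a sanity check rather than an authorization decision.

```python
import base64
import json

# Constructed identifiers for this example; a real runbook would load its own values from configuration.
EXPECTED = {"tenant_id": "11111111-1111-1111-1111-111111111111", "resource_group": "rg-ops",
            "subscription_id": "22222222-2222-2222-2222-222222222222", "account_name": "aa-prod"}

def decode_jwt_payload(token: str) -> dict:
    """Return a JWT's payload claims. No signature check: this scopes an already-issued token, it is not auth."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a JWT")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))

def parse_mirid(mirid: str) -> dict:
    """Split /subscriptions/<sub>/resourcegroups/<rg>/providers/Microsoft.Automation/automationAccounts/<name>."""
    seg = mirid.strip("/").split("/")
    low = [s.lower() for s in seg]
    try:
        return {"subscription_id": seg[low.index("subscriptions") + 1],
                "resource_group": seg[low.index("resourcegroups") + 1],
                "account_name": seg[low.index("automationaccounts") + 1]}
    except (ValueError, IndexError):
        raise ValueError("unexpected xms_mirid format: " + mirid)

def token_mismatches(token: str, expected: dict = EXPECTED) -> list:
    """List the claims that do not match the expected automation account; an empty list means OK."""
    claims = decode_jwt_payload(token)
    problems = []
    if claims.get("tid", "").lower() != expected["tenant_id"].lower():
        problems.append("tenant_id: " + claims.get("tid", "<missing>"))
    if "xms_mirid" not in claims:
        return problems + ["xms_mirid: <missing>"]
    ident = parse_mirid(claims["xms_mirid"])
    for key in ("subscription_id", "resource_group", "account_name"):
        if ident[key].lower() != expected[key].lower():
            problems.append(key + ": " + ident[key])
    return problems

def make_sample_token(claims: dict) -> str:
    """Build a constructed JWT with a dummy signature, for this demonstration only."""
    def b64(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return b64({"alg": "RS256", "typ": "JWT"}) + "." + b64(claims) + ".dummysig"
MIRID = "/subscriptions/{sub}/resourcegroups/{rg}/providers/Microsoft.Automation/automationAccounts/{name}"
OWN_TOKEN = make_sample_token({"tid": EXPECTED["tenant_id"],
    "xms_mirid": MIRID.format(sub=EXPECTED["subscription_id"], rg="rg-ops", name="aa-prod")})
OTHER_TOKEN = make_sample_token({"tid": "99999999-9999-9999-9999-999999999999",
    "xms_mirid": MIRID.format(sub="88888888-8888-8888-8888-888888888888", rg="rg-other", name="aa-other")})
```

`token_mismatches(OWN_TOKEN)` returns an empty list, while the token built for another account reports four mismatched claims; a runbook that sees any mismatch should abort and raise an alert rather than use the token.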
[Table: Impact | How can you Mitigate the AutoWarp Vulnerability]
- Yanir Tsarimi Blog: https://orca.security/resources/blog/autowarp-microsoft-azure-automation-service-vulnerability/
- MSRC official release: https://msrc-blog.microsoft.com/2022/03/07/13943/