
Trend Micro Reveals Vulnerabilities in Azure ML, Calling It a ‘Silent Threat’


Trend Micro, a leading cybersecurity company, has revealed multiple vulnerabilities in Azure Machine Learning during a session at Black Hat USA 2023 on Thursday. The session, titled “Uncovering Azure’s Silent Threats: A Journey into Cloud Vulnerabilities,” highlighted flaws found in Azure ML, the cloud platform’s machine learning as a service (MLaaS) product. The researchers at Trend Micro identified two categories of vulnerabilities: insecure logging of sensitive information and sensitive information disclosure.

In regard to the first category of vulnerabilities, Trend Micro researchers discovered “five instances of credentials leaking in cleartext on Compute Instances due to insecure usage of open-source components and insecure system design of how the environment was being provisioned.” This flaw poses a significant risk as it exposes sensitive information to potential attackers.

The second category of vulnerabilities involves cloud middleware leaking sensitive data from Azure Compute instances through exposed APIs. Threat actors who have already gained initial access can exploit this flaw to move laterally within the environment. This can lead to further unauthorized access and potential data breaches.

Trend Micro senior threat researcher Nitesh Surana, who led the session, highlighted the importance of focusing on traditional vulnerabilities that are often hidden in cloud services. He emphasized that such issues are distinct from the higher-criticality cross-tenant bugs that organizations commonly prioritize. It is important to note that vulnerabilities like these can exist in other cloud platforms and services as well, not just Azure.

During the session, Surana mentioned that Trend Micro identified a third class of vulnerability, which was reported to Microsoft in April. However, this vulnerability had not been definitively fixed by the time of the session. Following their disclosure policy, which includes a 120-day disclosure period, Trend Micro decided to exclude the third category from the session.

According to Surana, the third class of vulnerability allowed persistent access to Azure Machine Learning environments. Attackers could obtain credentials and tokens from non-Azure environments by generating logs that resemble legitimate activity. This flaw highlights the importance of addressing vulnerabilities promptly to prevent potential breaches.

While the fixed flaws have been silently patched by Microsoft, Trend Micro faced challenges in obtaining information about the fixes from the company. Some reports were closed as “by design,” which suggests that they were deemed built-in features rather than bugs. Microsoft has not yet responded to requests for comment on the matter.

Silent patching of cloud vulnerabilities has been an ongoing concern for information security researchers. Major cloud providers, including Microsoft, have faced criticism for not adequately addressing and disclosing significant bugs in their platforms and services. This lack of transparency can hinder organizations’ ability to fully understand and mitigate potential risks.

The session’s key takeaway is that companies utilizing cloud-based MLaaS offerings should prioritize the underlying security posture of each platform. Following defense-in-depth practices can help reduce vulnerabilities. For example, if a storage account access key is logged in cleartext and uploaded to GitHub, having the storage account behind a virtual network can mitigate the risk associated with leaked credentials.
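A complementary control is to catch the cleartext key before the log leaves the host. The following Python sketch is an added example, not code from the session or from Trend Micro; it scans log lines for Azure storage account keys and shared access signatures and redacts them. The log lines, the account name `examplestore` and the key are constructed for illustration.

```python
import base64
import re

# An account key is 64 bytes, base64-encoded: 86 characters plus "==".
# A base64 SHA-512 digest has the same shape, so a match with no
# "AccountKey=" prefix is reported under a weaker label for triage.
KEY_RE = re.compile(r"(AccountKey=)?(?<![A-Za-z0-9+/])([A-Za-z0-9+/]{86}==)")
# A shared access signature carries its HMAC in the "sig=" query parameter.
SAS_RE = re.compile(r"(?<=[?&]sig=)[A-Za-z0-9%+/=]{20,}")


def scan_line(line):
    """Return (findings, redacted_line) for one log line."""
    findings = []

    def _key(match):
        prefix = match.group(1) or ""
        findings.append("storage_account_key" if prefix else "possible_64_byte_secret")
        return prefix + "[REDACTED]"

    def _sas(match):
        findings.append("sas_signature")
        return "[REDACTED]"

    redacted = SAS_RE.sub(_sas, KEY_RE.sub(_key, line))
    return findings, redacted


def scan_log(lines):
    """Map 1-based line numbers to findings, skipping clean lines."""
    scanned = ((n, scan_line(line)[0]) for n, line in enumerate(lines, start=1))
    return {n: found for n, found in scanned if found}


# Constructed sample data: the key is bytes 0..63, not a real credential.
FAKE_KEY = base64.b64encode(bytes(range(64))).decode()
SAMPLE_LOG = [
    "2023-08-10 12:00:01 INFO mounting datastore for workspace",
    "2023-08-10 12:00:02 DEBUG conn=DefaultEndpointsProtocol=https;"
    f"AccountName=examplestore;AccountKey={FAKE_KEY};EndpointSuffix=core.windows.net",
    "2023-08-10 12:00:03 DEBUG GET https://examplestore.blob.core.windows.net"
    "/c/model.pkl?sv=2022-11-02&sp=r&sig=" + "A" * 43 + "%3D",
    f"2023-08-10 12:00:04 DEBUG digest {FAKE_KEY}",
]

if __name__ == "__main__":
    for number, kinds in scan_log(SAMPLE_LOG).items():
        print(number, kinds, scan_line(SAMPLE_LOG[number - 1])[1])
```

Run as a pre-commit or log-shipping filter, a check like this addresses the logging half of the example above, while the virtual network restriction limits what a key that still leaks can reach.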

In conclusion, the vulnerabilities identified by Trend Micro in Azure Machine Learning highlight the need for robust security measures in cloud platforms. Organizations should be aware of potential risks and take appropriate actions to protect their sensitive data. Cloud providers must also address and disclose vulnerabilities promptly to maintain the trust of their customers and the security of their platforms.
