Experts from Palo Alto Networks reported the vulnerability dubbed Azurescape. The issue affected Azure Container Instances, a cloud-based service that allows companies to deploy packaged applications (containers) on the cloud.

The issue allowed a malicious container to take over containers belonging to other customers on the platform. In essence, an attacker exploiting Azurescape could execute commands in the other users' containers and gain access to all their data. It is believed that hackers could use the bug to execute code in other users' containers, steal confidential information, and deploy miners and other malware.

Microsoft has already sent notifications to its customers warning them to change the privileged credentials for containers deployed on the platform before August 31, 2021.

Source: xakep.ru