four critical vulnerabilities in OMI, one of Azure’s most ubiquitous yet least known software agents, and is deployed on a large portion of Linux VMs in Azure. The vulnerabilities are very easy to exploit, according to Wiz researchers, allowing attackers to remotely execute arbitrary code within the network with a single request and escalate to root privileges.
Read full article on Security Magazine