Microsoft fixes dozens of Azure Site Recovery privilege escalation bugs

Microsoft has fixed 32 vulnerabilities in the Azure Site Recovery suite that could have allowed attackers to gain elevated privileges or perform remote code execution.

The Azure Site Recovery service is a disaster recovery service that will automatically fail-over workloads to secondary locations when a problem is detected.

As part of the July 2022 Patch Tuesday, Microsoft fixed 84 flaws, with Azure Site Recovery vulnerability accounting for more than a third of the bugs fixed today.

Of the thirty-two vulnerabilities fixed in Azure Site Recovery, two allow remote code execution, and a whopping thirty vulnerabilities allow for elevation of privileges.

In an advisory released today, Microsoft states that SQL injection vulnerabilities caused most of the privilege escalation bugs.

To perform the attack, a threat actor can create a custom, malicious DLL using the same name as a regular DLL loaded by the Azure Site Recovery application.

Share this article on social media:

Subscribe to Our Newsletter!
Stay on top of cybersecurity risks, evolving threats and industry news.