RSA CONFERENCE 2022 – If cloud services weren’t complicated enough for today’s typical enterprise to properly configure and secure, there’s also a lesser-known layer of middleware that cloud providers run that may harbor hidden security vulnerabilities.
Last week, Wiz.io researchers at the RSA conference in San Francisco unveiled an open-source cloud middleware database on GitHub that details the specific middleware agents that Amazon Web Services (AWS), Google, and Microsoft install on the virtual machines of their cloud customers. The goal is to shed light on this traditionally hidden, proprietary software layer and the flaws in it that can put a cloud customer at risk of attack without the customer ever knowing the software is there.
Cloud providers often silently install these "secret agent" middleware programs on their customers' VMs, typically with the highest privileges, as a "bridge" between their cloud services and their customers' VMs. The Cloud Middleware Dataset project aims to give cloud customers insight into this layer of software, which they rarely know exists on their virtual machines, and into the security risks that come with it.
"These agents add an extra attack surface and cloud customers don't know about these agents…most are installed silently. If they're pre-installed, they have no idea either," Shir Tamari, head of research at Wiz.io, told Dark Reading in an interview at the RSA conference last week.
The most high-profile example of cloud middleware gone bad was the discovery of major flaws in Microsoft Azure's Open Management Infrastructure (OMI) agent software last fall. Tamari and fellow Wiz researchers found remote code execution and privilege escalation vulnerabilities in OMI, a set of flaws they dubbed OMIGOD. OMI runs on many Linux virtual machines in Azure to provide configuration management functions to cloud customers.
Of the four OMIGOD vulnerabilities (CVE-2021-38647, CVE-2021-38648, CVE-2021-38645, and CVE-2021-38649), the most painful was CVE-2021-38647, which could allow an attacker to gain root on a VM with a single packet, simply by omitting the authentication header from a request to the OMI management port. Compounding the problem, some default OMI configurations left that HTTPS management port listening, in some cases reachable from the public internet. Microsoft initially released patched OMI packages, but most Azure customers had no idea the patches applied to them because they weren't aware OMI was installed on their VMs; Microsoft later provided automatic updates in Azure to fix the vulnerabilities.
“There was confusion on how to handle this middleware fix,” Tamari said.
The Cloud Middleware Dataset so far includes several Azure agents in addition to OMI, such as the Microsoft Azure Guest Agent (WALinuxAgent), which comes preinstalled in all Azure Linux images and runs with root privileges. WALinuxAgent's listing in the database notes that the agent previously contained an information disclosure vulnerability, CVE-2019-0804, which if exploited could allow an attacker to access kernel memory from a user process.
Other Azure middleware detailed in the database are Operations Management Suite, Dependency Agent, Pipeline Agent, and RD Agent Service, each of which is used in various Azure services.
AWS, meanwhile, has four such middleware agents listed in the dataset: the AWS Systems Manager Agent (SSM Agent), the AWS PV Drivers, the AWS ECS Container Agent, and the AWS EC2 Hibernate Init Agent. A local privilege escalation flaw, CVE-2022-29527, was discovered in SSM Agent this year that an attacker could use to gain root access. This agent comes preinstalled in AWS-provided Windows, Linux, and macOS virtual machine images.
Google Cloud runs the Accounts Daemon, the OSConfig agent, and a guest agent in its cloud services; all three run on Linux, and the OSConfig agent and the guest agent also run on Windows. The Accounts Daemon, which supports Google's OS Login service, has already been patched for a local privilege escalation flaw, CVE-2020-8933, which reportedly gave root access. The OSConfig agent, which is built into GCP VM images, also had a local privilege escalation vulnerability in 2020 that Google later patched.
What to ask about cloud middleware
So how can organizations identify these “secret agents,” as Wiz researchers call them?
In an interview with Dark Reading at RSAC, Wiz co-founder and CTO Ami Luttwak said organizations should ask cloud providers questions to get a clear picture of what their software environment looks like: who owns this middleware [and] how do you know if it is running on your environment? Does the software contain vulnerabilities, and how are updates and patches handled?
"It's a different attack surface. It's a gray area," he said. "It needs transparency and a clear process for agent, virtual machine updates."
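One concrete way to start answering the question of which of these agents are present on a given Linux VM is to inventory the host for the agents named in the dataset. The script below is an added example, not code from Wiz, the Cloud Middleware Dataset, or any cloud provider. The package names, command-line strings, and OMI listening ports it searches for are assumptions about how these agents ship on mainstream Linux images (verify them against your own images), and the `ps`/`dpkg`/`ss` sample data at the bottom is constructed so the script runs offline.

```python
"""Inventory the cloud-provider middleware agents present on a Linux VM.

Added example, not code from the Wiz Cloud Middleware Dataset or from any
cloud provider. The command-line substrings, package names and ports below
are assumptions about how the agents named in the article are shipped on
mainstream Linux images; check them against your own images.
"""
import re
import shutil
import subprocess

# (name, command-line substrings, package names, listening ports, advisories)
# Advisories are the CVE IDs the article associates with each agent.
KNOWN_AGENTS = [
    ("Azure OMI", ("omiserver", "omiengine"), ("omi",), (5985, 5986),  # assumed OMI WS-Man ports
     ("CVE-2021-38647", "CVE-2021-38648", "CVE-2021-38645", "CVE-2021-38649")),
    ("Azure Guest Agent (WALinuxAgent)", ("waagent", "WALinuxAgent"),
     ("walinuxagent", "WALinuxAgent"), (), ("CVE-2019-0804",)),
    ("AWS SSM Agent", ("amazon-ssm-agent",), ("amazon-ssm-agent",), (), ("CVE-2022-29527",)),
    ("AWS ECS Container Agent", ("ecs-agent",), ("ecs-init",), (), ()),
    ("Google guest agent", ("google_guest_agent",), ("google-guest-agent",), (), ()),
    ("Google OSConfig agent", ("google_osconfig_agent",), ("google-osconfig-agent",), (), ()),
    ("Google Accounts Daemon", ("google_accounts_daemon",), ("google-compute-engine",), (),
     ("CVE-2020-8933",)),
]


def find_agents(cmdlines, packages, listening_ports):
    """Match collected host facts against KNOWN_AGENTS.

    Returns {agent name: {"processes", "packages", "listening_ports",
    "advisories"}} for every agent with at least one process or package hit.
    A listening port alone is never attributed to an agent, because other
    software may bind the same port.
    """
    found = {}
    pkgs, ports = set(packages), set(listening_ports)
    for name, proc_sigs, pkg_sigs, port_sigs, advisories in KNOWN_AGENTS:
        procs = sorted({c for c in cmdlines if any(s in c for s in proc_sigs)})
        hit_pkgs = sorted(pkgs & set(pkg_sigs))
        if not procs and not hit_pkgs:
            continue
        found[name] = {
            "processes": procs,
            "packages": hit_pkgs,
            # For OMI, a listening management port is the precondition for
            # the network-reachable CVE-2021-38647 path; whether it is
            # reachable from the internet still depends on NSG/firewall rules.
            "listening_ports": sorted(ports & set(port_sigs)),
            "advisories": list(advisories),
        }
    return found


def parse_ss_ports(ss_output):
    """Extract listening TCP ports from `ss -ltn` output (header skipped)."""
    ports = set()
    for line in ss_output.splitlines()[1:]:
        cols = line.split()
        if len(cols) < 4:
            continue
        m = re.search(r":(\d+)$", cols[3])  # "0.0.0.0:5986", "[::]:22", "*:22"
        if m:
            ports.add(int(m.group(1)))
    return ports


def _run(cmd):
    if not shutil.which(cmd[0]):
        return ""
    return subprocess.run(cmd, capture_output=True, text=True, check=False).stdout


def host_cmdlines():
    return [l.strip() for l in _run(["ps", "-eo", "args="]).splitlines() if l.strip()]


def host_packages():
    out = _run(["dpkg-query", "-W", "-f=${binary:Package}\n"]) or _run(["rpm", "-qa", "--qf", "%{NAME}\n"])
    return [l.strip().split(":")[0] for l in out.splitlines() if l.strip()]


# Constructed sample data standing in for ps/dpkg/ss output on an Azure VM.
SAMPLE_PS = [
    "/usr/bin/python3 -u /usr/sbin/waagent -daemon",
    "/opt/omi/bin/omiserver -d",
    "/opt/omi/bin/omiengine -d --socketpair 9",
    "/usr/sbin/sshd -D",
]
SAMPLE_PACKAGES = ["omi", "walinuxagent", "openssh-server"]
SAMPLE_SS = """State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0      128    0.0.0.0:22        0.0.0.0:*
LISTEN 0      128    0.0.0.0:5986      0.0.0.0:*
"""

if __name__ == "__main__":
    # Run against the live host; fall back to the sample when not on Linux.
    cmdlines, packages = host_cmdlines(), host_packages()
    ports = parse_ss_ports(_run(["ss", "-ltn"]))
    if not cmdlines:
        cmdlines, packages, ports = SAMPLE_PS, SAMPLE_PACKAGES, parse_ss_ports(SAMPLE_SS)
    for agent, facts in find_agents(cmdlines, packages, ports).items():
        print(agent, facts)
```

On the constructed sample the script reports OMI (with its HTTPS port 5986 listening and the four OMIGOD CVEs to check) and WALinuxAgent, and nothing for the AWS or Google agents. Feeding the output of the questions Luttwak suggests (who owns the agent, how it is updated) into a per-agent inventory like this is the practical starting point; the patch-level check against each advisory still has to be done per agent.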