Microsoft has released updates to address a security flaw, CVE 2022-29972, which is affecting Azure Synapse and Azure Data Factory pipelines. The vulnerability could have let attackers execute remote commands across Integration Runtime (IR) infrastructure, but the patch published on April 15 was released prior to Microsoft witnessing any attacks being carried out in the wild. This bug could have been exploited to allow attackers to access Synapse workspaces and allow them to leak sensitive data including Azure’s service keys, API tokens, and passwords to other services. The vulnerability was discovered in the third-party ODBC data connector used to connect to Amazon Redshift, in Integration Runtime (IR) in Azure Synapse Pipelines, and Azure Data Factory.
Written by: Nataliia Zdrok, Threat Intelligence Analyst at Binary Defense Russia’s invasion of Ukraine increased