Request a Demo Contact Us

OMIGOD Vulnerabilities

OMIGOD Vulnerabilities

 

A group of vulnerabilities in Open Management Infrastructure (OMI) branded as “OMIGOD” are actively being exploited in the wild, potentially affecting as many as two-thirds of all Microsoft Azure customers.Because the OMI agent runs as root, any OMI vuln allows attackers to remotely execute code with a single request and to escalate privileges. The scope includes Linux systems running in Azure when any of many commonly used services are enabled, including Azure Log Analytics, Azure Diagnostics, and Azure Security Center. On September 14, 2021, Microsoft released fixes for the OMIGOD vulnerabilities.Watch the 9-minute Security Flash with Casey Ellis (Founder, Chairman, and CTO of Bugcrowd) and Sajeeb Lohani (Director of Cybersecurity at Bugcrowd) discuss this subject, answering questions such as:
  • What happened?
  • Why is it concerning?
  • What should organizations be doing to stay secure?
  • How can Bugcrowd help?

More resources

Datasheet

Aligning with Binding Operational Directive 20-01

Read More
Datasheet

Understanding Bug Bounty Scope

Read More
Datasheet

Trust Engineering

Read More

Get Started with Bugcrowd

Every minute that goes by, your unknown vulnerabilities leave you more exposed to cyber attacks.