“Trivially Exploitable” Vulnerabilities Left Cloud Environments Vulnerable for Over 8 Years

Researchers at Oligo have found several “trivially exploitable” vulnerabilities in the widely-used Fluent Bit logging software that left users vulnerable for over 8 years.

It runs everywhere: AI labs, banks, car manufactures, all the major cloud providers such as AWS, Google Cloud, and Microsoft Azure, and more.

The vulnerabilities allow “attackers to disrupt cloud services, tamper with data, and gain deeper access to the same Cloud and  Kubernetes infrastructure.“

Attackers could penetrate deeper into the cloud environment and execute malicious code, and even control the logging of events, rewriting or erasing ones that could alert of the infection and injecting fake entries to throw investigators off the trail.

The vulnerabilities include two remote code execution, four that allow tampering with logs, and one that’s both.

Severe vulnerabilities in widely deployed and trusted software are nothing new. The widely deployed xz software was found to be backdoored, leaving countless machines vulnerable. You may also remember the famous log4j vulnerability that left tons of servers vulnerable.

Many of our services we rely on every day run many third-party programs assumed to be trusted, but that haven’t had as much scrutiny put on them as they should. Serious work needs to be put into securing cloud infrastructure to protect against these inevitable flaws.