Cloud Attackers Exploit Max-Critical Aviatrix RCE Flaw

The security vulnerability tracked as CVE-2024-50603, which rates 10 out of 10 on the CVSS scale, enables unauthenticated remote code execution on affected systems, and cyberattackers are using it to plant malware.


At a Glance

  • Aviatrix has released patches (versions 7.1.4191 and 7.2.4996) to mitigate the vulnerability.
  • The flaw highlights the critical need for robust API validation and security testing to prevent severe exploits.
  • Aviatrix has reached out to affected customers, offering tailored support and hardening guidance.

Multiple threat actors are actively targeting a recently disclosed maximum-severity security bug in the Aviatrix Controller centralized management platform for cloud networking.

In a worst-case scenario, the vulnerability, identified as CVE-2024-50603 (CVSS 10), could allow an unauthenticated remote adversary to run arbitrary commands on an affected system and take full control of it. Attackers are currently exploiting the flaw to deploy XMRig cryptomining malware and the Sliver backdoor on vulnerable targets.

CVE-2024-50603: A High-Impact Vulnerability

The vulnerability presents an especially severe risk in Amazon Web Services (AWS) cloud environments, where Aviatrix Controller allows privilege escalation by default, researchers at Wiz Security warned in a blog on Jan. 10.

"Based on our data, around 3% of cloud enterprise environments have Aviatrix Controller deployed," the researchers noted. "In 65% of such environments, the virtual machine hosting Aviatrix Controller has a lateral movement path to administrative cloud control plane permissions."

Hundreds of large companies use Aviatrix's technology to manage cloud networking across AWS, Azure, Google Cloud Platform (GCP), and other multi-cloud environments. Common use cases include automating the deployment and management of cloud network infrastructure, and managing security, encryption, and connectivity policies. The company lists organizations such as Heineken, Raytheon, Yara, and IHG Hotels and Resorts among its customers.


Read the Full Story on Dark Reading


About the Authors

Jai Vijayan

Contributing writer, Dark Reading

Jai Vijayan is a seasoned technology reporter with over 20 years of experience in IT trade journalism. He was most recently a senior editor at Computerworld, where he covered information security and data privacy issues for the publication. Over the course of his 20-year career at Computerworld, Jai also covered a variety of other technology topics including big data, Hadoop, Internet of Things, e-voting and data analytics. Prior to Computerworld, Jai covered technology issues for The Economic Times in Bangalore, India. Jai has a master's degree in statistics and lives in Naperville, Illinois.
