Azure OMI - Remote Code Execution (OMIGOD - CVE-2021-38647)
- Severity
- Vulnerability description
- Not available
- Risk description
- Not available
- Exploit capabilities
Sniper can gain unauthenticated Remote Code Execution on the target system and extract multiple artefacts as evidence.
- Recommendation
- Not available
- References
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38647https://www.wiz.io/blog/omigod-critical-vulnerabilities-in-omi-azu
- Codename
- OMIGOD
- Detectable with
- Network Scanner
- Scan engine
- Sniper
- Cisa Kev
Yes- Exploitable with Sniper
- Yes
- CVE Published
- Sep 1, 2021
- Detection added at
- Software Type
- Azure
- Vendor
- Microsoft
- Product
- Open Management Interface (OMI)
Detect & validate this vulnerability
Go beyond surface scans. Get real validation with proprietary tools designed to prove what’s exploitable in your environment.