Moscow necessitate the launch of high-technology manufacturing to replace imports from the West and may seek to acquire NATO-related intelligence.
Microsoft: There are 4 vulnerabilities in the Open Management Infrastructure (OMI) agent. They could allow an attacker to raise their privileges and remote arbitrary code execution. Furthermore, there is a PoC online
The Open Management Infrastructure (OMI) agent has four vulnerabilities, one of them with “critical” severity. Those are the CVE-2021-38645, CVE-2021-38649, CVE-2021-38648, and CVE-2021-38647. It has been denounced by Microsoft cybersecurity experts. The OMI agent is automatically installed by some Azure Virtual Machines management extension. Those, if enabled on cloud Linux servers, could allow an attacker to raise their privileges and remote arbitrary code execution. Furthermore, there is a Proof of Concept (PoC) already released and spreading on the web. Moreover, all OMI versions below v1.6.8-1 are vulnerable. To block the flaws, users have to update the extensions to the last version available.