As you may have seen today, Palo Alto published a brilliant technical report: Finding Azurescape – Cross-Account Container Takeover in Azure Container Instances service. Palo Alto and Microsoft have both provided mitigation advice.
Reading the report, it's interesting that it was an older (well known) vulnerability that allowed a breakout to the Kubernetes node running customer containers. Palo Alto doesn't show their exact break out exploit code but describes it as relating to CVE-2019-5736 and CVE-2019-5735. This worked well, as Azure was running an ancient platform to run the containers - RunC v1.0.0-rc2 from 1st October 2016.
Palo Alto then leveraged node access to sniff for an overprivileged token that can be abused to execute commands in other containers. The end result is Customer A can potentially access containers from Customer B. While you would be restricted in which containers/customers you could access, Palo Alto also provides some hints on how to enumerate container deployments. It's also worth noting, that vulnerabilities in cloud services generally don't get assigned CVE numbers - which makes this a little harder to track and may fly under the radar of some organizations.
Microsoft have notified customers, but only those that happened to be sharing a cluster with the Palo Alto researchers - this indicates that other customers are still running vulnerable code. For their part, Palo Alto recommends you check if you are running on an outdated/vulnerable node by running this within a container:
az container exec -n --exec-command "hostname"
If the output starts with wk-caas and the container started running before Aug. 31, 2021, it could have been attacked by Azuresape. Where this is identified, Cado suggests that you be on the lookout for and investigate any signs that could indicate exploitation.
Given Palo Alto/Twistlock open sourced their reconnaissance framework, whoc, it's possible we'll see future issues in other providers.