Research Pod

Blog

CosMiss: Azure Cosmos DB Notebook Remote Code Execution Vulnerability

The Orca Research Pod has discovered CosMiss, a vulnerability in Microsoft Azure Cosmos DB where authentication checks were missing from...

Blog

FabriXss (CVE-2022-35829): How We Managed to Abuse a Custom Role...

The Orca Research Pod has discovered FabriXss, a vulnerability in Azure Service Fabric Explorer

Blog

Azure Synapse: Local Privilege Escalation Vulnerability in Spark

The story of a simple race condition leading to a local privilege escalation vulnerability in Azure Synapse Analytics

Tzah Pahima Sep 01, 2022

All Articles (29)