Microsoft released additional guidance on Open Management Infrastructure (OMI) vulnerabilities—CVE-2021-38645, CVE-2021-38649, CVE-2021-38648, and CVE-2021-38647—which impact Azure VM Management Extensions.
According to Microsoft, “customers must update vulnerable extensions for their
Cloud and On-Premises deployments as the updates become available…”
CERT Bulgaria encourages organizations to
review Additional Guidance Regarding OMI
Vulnerabilities within Azure VM Management Extensions for more information and to:
- ensure automatic updates are applied
- ensure manual updates are applied, as
patches are made available
- restrict external access to Linux systems
that expose OMI ports (TCP 5985, 5986, and 1270).