Back to directory

WRITEUP #482

Azure Devops Zero-Click CI/CD Vulnerability

AI / LLMCI/CDSupply chain attackPrivilege escalationInformation disclosure

byNadav Noy

Program

Microsoft (Azure DevOps Pipelines)

Published

Jan 31, 2024

Added to HackDex

Feb 27, 2024

Read Full Writeuphttps://www.legitsecurity.com/blog/azure-devops-zero-click-ci/cd-vulnerability

▸ RELATED WRITEUPS

Revival Hijack – PyPI hijack technique exploited in the wild, puts 22K packages at risk

SAPwned: SAP AI vulnerabilities expose customers’ cloud environments and private AI artifacts

GitHub Actions Exploitation: Repo Jacking And Environment Manipulation

AI / LLMRepojacking

Vulnerabilities in Open Source C2 Frameworks

RCEOS command injection

Escalating From Reader To Contributor In Azure API Management

Privilege Escalation

Built with ❤️ by Shubham Rawat