Cybersecurity researchers from Palo Alto Networks Unit 42 disclosed details of a new security flaw affecting Microsoft’s Service Fabric that could be exploited to obtain elevated permissions and seize control of all nodes in a cluster.
The issue, which has been dubbed FabricScape (CVE-2022-30137), could be exploited on containers that are configured to have runtime access. It has been remediated as of June 14, 2022, in Service Fabric 9.0 Cumulative Update 1.0.