In the proof-of-concept attack demonstrated by Wiz, the attackers exploit this vulnerability to start a reverse shell that enables them to execute additional commands. This can lead to theft of credentials from the environment, such as SSH keys, AWS IAM tokens, and certificates. It can also lead to malware and cryptominer deployment.
Lack of Redis authentication is a widespread issue
While Redis supports authentication, it’s often deployed without it, especially on internal networks, but also on the internet. For example, the Wiz researchers note that in 57% of cloud environments, Redis is deployed as a container image and the official Redis container on Docker Hub doesn’t have authentication enabled by default.
“The mix of no authentication and exposure to the internet is extremely harmful, allowing anybody to query the Redis instance and, particularly, send Lua scripts (which are enabled by default),” the researchers note. “This allows attackers to use the vulnerability and obtain RCE throughout the environment.”
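A defender-side check for the combination described above, as an added example that is not from the article or from Wiz: it audits the text of a `redis.conf` for missing authentication and for unauthenticated remote reachability. The sample configs and finding names are constructed, and an external `aclfile` is assumed to be reviewed separately.

```python
import ipaddress

# Constructed sample configs (not taken from the article or any real host).
WEAK_CONF = """
bind 0.0.0.0
protected-mode no
port 6379
"""
HARDENED_CONF = """
bind 127.0.0.1 -::1
protected-mode yes
requirepass "placeholder-secret"
"""

def parse_directives(text):
    """Map each directive name to the list of argument lists it appears with."""
    directives = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            name, *args = line.split()
            directives.setdefault(name.lower(), []).append(args)
    return directives

def is_loopback(addr):
    """True for loopback bind addresses; a '-' prefix means 'ignore if unavailable'."""
    try:
        return ipaddress.ip_address(addr.lstrip("-")).is_loopback
    except ValueError:  # '*' or anything unparsable: assume all interfaces
        return False

def audit(text):
    """Return finding codes for missing auth and unauthenticated remote access."""
    d = parse_directives(text)
    has_password = any(a and a[0].strip('"\'') for a in d.get("requirepass", []))
    # A 'user default' ACL rule without 'nopass' also protects the default user.
    # An external aclfile is not read here and must be audited separately.
    has_acl = any(a[:1] == ["default"] and "nopass" not in a for a in d.get("user", []))
    binds = [addr for args in d.get("bind", []) for addr in args]
    # With no bind directive Redis listens on all interfaces.
    remote = not binds or not all(is_loopback(b) for b in binds)
    # protected-mode defaults to yes; it refuses non-local clients when no auth is set.
    protected = (d.get("protected-mode", [["yes"]])[-1] or ["yes"])[0].lower() != "no"
    findings = []
    if not (has_password or has_acl):
        findings.append("no-auth")
        if remote and not protected:
            findings.append("unauthenticated-remote-access")
    return findings
```

`audit(WEAK_CONF)` reports both findings, while a config that keeps protected mode on but sets no password reports only `no-auth`, which is the internal-network case the article mentions.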



