Nir Ohfeld

Vulnerability Research

The cloud has an isolation problem: PostgreSQL vulnerabilities affect multiple cloud vendors

How Wiz Research uncovered multiple related vulnerabilities in PostgreSQL-as-a-Service offerings from GCP, Azure, and others.

Revisiting OMI: Analysis of CVE-2022-29149, a privilege escalation vulnerability in Azure OMI

Affected organizations are required to update installed agents that use the OMI cloud middleware software

The cloud gray zone—secret agents installed by cloud service providers

Wiz Research builds upon previous “OMIGOD” findings with a presentation at RSA Conference 2022; details how cloud middleware use across cloud service providers can expose customers' virtual machines to new attack vectors

Wiz Research discovers "ExtraReplica"— a cross-account database vulnerability in Azure PostgreSQL

Wiz Research discovers a chain of critical vulnerabilities in the widely used Azure Database for PostgreSQL Flexible Server.

ChaosDB explained: Azure's Cosmos DB vulnerability walkthrough

This is the full story of the Azure ChaosDB Vulnerability that was discovered and disclosed by the Wiz Research Team, where we were able to gain complete unrestricted access to the databases of several thousand Microsoft Azure customers.

How we broke the cloud with two lines of code: the full story of ChaosDB

A summary and recording of Wiz's talk at BlackHat Europe 2021: the full extent of ChaosDB, the impact it had, and the questions it raises about security in managed cloud services.

OMIGOD: Critical Vulnerabilities in OMI Affecting Countless Azure Customers

Wiz Research recently found 4 critical vulnerabilities in OMI, which is one of Azure's most ubiquitous yet least known software agents and is deployed on a large portion of Linux VMs in Azure.

“Secret” Agent Exposes Azure Customers To Unauthorized Code Execution

Wiz Research recently discovered a series of alarming vulnerabilities that highlight the supply chain risk of open source code, particularly for customers of cloud computing services.

ChaosDB: How we hacked thousands of Azure customers’ databases

As part of building a market-leading CNAPP, Wiz Research is constantly looking for new attack surfaces in the cloud. Two weeks ago we discovered an unprecedented breach that affects Azure’s flagship database service, Cosmos DB.