
Flaws in Hybrid Cloud Tools Expose Dual Attack Surfaces

Hybrid cloud management interface with exposed sections on a laptop screen.

"Your hybrid management plane is an attack surface you are not monitoring enough," Kalendarov said.

Ilan Kalendarov and Ben Zamir at Black Hat Asia in Singapore

At Black Hat Asia in Singapore, Ilan Kalendarov and Ben Zamir of Cymulate presented a talk titled "Breaking Hybrid Boundaries Across Azure and Windows" in which they announced four vulnerabilities in Microsoft's Windows Admin Center (WAC). The flaws are tracked as CVE-2025-64669, CVE-2026-20965, CVE-2026-23660, and CVE-2026-32196, and the researchers reported them to Microsoft. Cymulate disclosed the findings responsibly and Microsoft published patches addressing the flaws.

Two versions of Windows Admin Center — two vectors

Microsoft offers a cloudy WAC hosted in Azure and an on-premises edition. Kalendarov and Zamir found problems in both. The on-prem edition's installation directory was not write-protected, which allowed an attacker to drop malicious code "alongside WAC." In the other direction, the cloudy edition of WAC relied on the same management tokens that, if abused, could be used to reach back into on-prem resources. The researchers distilled the result into a simple warning: hybrid management tools create a two-way attack surface, with attack paths running from on-prem into the cloud and from the cloud back into on-prem.

POP tokens, check-access tokens, and VM validation gaps

Both WAC variants rely on a check-access token and a proof of possession (POP) token to identify the resources they manage. Kalendarov and Zamir reported that virtual machines do not validate all fields in the POP token. The POP token can be re-used or forged under those conditions, which the researchers demonstrated could allow an attacker to take over a tenant virtual machine managed under WAC. The researchers also said resources managed by Microsoft Arc are at risk from the same weakness.

Severity, exploitation, and Microsoft’s patching

There is no sign the CVEs the researchers found were under active exploit at the time of the presentation. The most serious of the identified flaws carried a 7.8 CVSS score. Cymulate followed responsible disclosure practices and Microsoft issued patches; the researchers described the resulting fixes as having closed the identified issues. That sequence — discovery, responsible disclosure, patching — prevented the group from characterizing the flaws as "terrifying," but they argued the underlying architectural lesson remains urgent.

What this means for technologists, procurement leaders, and cloud managers

  • Technologists and security teams: Monitor your hybrid management plane. The researchers advised watching for identities created to operate cloud resources appearing to access on-prem systems, and vice versa, because token weaknesses can permit cross-boundary access.
  • Procurement leaders and affected enterprises: Consider the security posture of management tooling. Cymulate chose WAC for study because of its large user population, and the duo said they are interested in probing other common hybrid cloud management tools such as those from Nutanix and VMware.
  • Cloud managers and operations teams: Treat both cloud and on-prem systems as high-value targets. Kalendarov urged teams to "Treat all systems as tier zero," underscoring that management planes — not just workloads — deserve continuous monitoring and hardening.
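The monitoring advice above can be turned into a simple detection: keep an inventory of which plane each management identity was created to operate, then flag any access event where the identity touches the other plane. The following is an added example, not code from the talk, from Cymulate or from Microsoft; the event fields, identity names and log lines are all constructed, and mapping real Entra sign-in, WAC audit or Windows Security events into this shape is assumed to happen beforehand.

```python
"""Cross-boundary identity detection over constructed hybrid-management audit events."""
from dataclasses import dataclass


@dataclass(frozen=True)
class AccessEvent:
    identity: str        # principal that performed the action
    target: str          # resource or host that was touched
    target_plane: str    # "cloud" or "onprem" (assumed, derived from the log source)


# Constructed inventory: the plane each management identity was created to operate.
# "both" marks an identity explicitly approved for cross-boundary management.
IDENTITY_SCOPE = {
    "svc-wac-azure@contoso.example": "cloud",
    "CONTOSO\\wac-onprem-admin": "onprem",
    "ops-admin@contoso.example": "both",
}

# Constructed events resembling what a hybrid management plane would log.
SAMPLE_EVENTS = [
    AccessEvent("svc-wac-azure@contoso.example", "vm-prod-01", "cloud"),
    AccessEvent("svc-wac-azure@contoso.example", "FILESRV01.contoso.local", "onprem"),
    AccessEvent("CONTOSO\\wac-onprem-admin", "HV-NODE-02.contoso.local", "onprem"),
    AccessEvent("CONTOSO\\wac-onprem-admin", "vm-prod-07", "cloud"),
    AccessEvent("ops-admin@contoso.example", "vm-prod-01", "cloud"),
    AccessEvent("unknown-app@contoso.example", "HV-NODE-02.contoso.local", "onprem"),
]


def find_cross_boundary(events, scope=IDENTITY_SCOPE):
    """Return (identity, target, reason) tuples for events worth alerting on.

    An identity scoped to one plane that touches the other plane is flagged in
    either direction. An identity absent from the inventory is flagged too,
    because there is no expected scope to check it against.
    """
    findings = []
    for ev in events:
        expected = scope.get(ev.identity)
        if expected is None:
            findings.append((ev.identity, ev.target, "identity not in inventory"))
        elif expected != "both" and expected != ev.target_plane:
            findings.append((ev.identity, ev.target,
                             f"{expected} identity accessed {ev.target_plane} resource"))
    return findings


if __name__ == "__main__":
    for identity, target, reason in find_cross_boundary(SAMPLE_EVENTS):
        print(f"ALERT {identity} -> {target}: {reason}")
```

On the constructed sample this raises three alerts: one cloud identity reaching an on-prem host, one on-prem identity reaching a cloud VM, and one identity missing from the inventory.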

Kalendarov and Zamir opened their talk with the "This is fine" meme and suggested hybrid clouds "may well be on fire, too," a rhetorical device to highlight that administrators often overlook the hybrid management plane even as it can enable attacks in both directions. When The Register asked whether they had examined other hybrid tools, the researchers said they had focused on WAC because of its prevalence but expressed interest in broader probing.

The immediate takeaway is concrete: four CVEs affecting WAC were found, reported, and patched; the most severe carried a 7.8 CVSS score; and the technical vectors involve writable on-prem directories and insufficient POP-token validation that can lead to tenant VM takeover and exposure of Microsoft Arc–managed resources. The longer takeaway is a procedural one — that organizations running hybrid clouds must treat the management plane as an active attack surface, monitor cross-boundary identities, and prioritize fixes for tooling that spans on-prem and cloud boundaries.
