Join us for an inside look at how leading cloud providers architect their environments, and the anatomy of a container escape vulnerability in the wild. Our goal is to learn how to build stronger guardrails in the cloud by examining the flaws and misconfigurations we were able to exploit in each environment.
As AI workloads migrate to the cloud, cloud providers are rapidly evolving their GPU offerings. These multi-tenant environments are often built on the NVIDIA Container Toolkit, the industry-standard framework for running GPU-based containerized apps. In this talk, we will show you how a single vulnerability in this fundamental framework impacted the entire cloud ecosystem – and how each environment handled a brand-new 0-day vulnerability.
We'll walk through our discovery of a container escape vulnerability in this foundational layer of GPU infrastructure, and its real-life implications across 3 different cloud providers: Azure, DigitalOcean, and Replicate. Each case study began with a standard customer workload running our exploit – but the outcomes varied widely. One led to a minor impact; another led to lateral movement that triggered blue teamers; and one resulted in complete service takeover.
The differing outcomes didn't stem from the vulnerability itself; they stemmed from varying service architectures and security best practices. We'll analyze and contrast these implementations to demonstrate how a well-isolated environment can be resilient even against 0-day attacks!
By:
Hillai Ben-Sasson | Security Researcher, Wiz
Nir Ohfeld | Head of Vulnerability Research, Wiz
https://ift.tt/pXBaFGb
source https://www.youtube.com/watch?v=O49EgRnu4VU