Chen CohenMicrosoft Dynamics Container Sandbox RCE via Unauthenticated Docker Remote API 20,000$ BountyOn 17.11.2021 I reported a critical security issue in Microsoft Dynamics Container Sandbox, that allows Microsoft Customers to setup a…5 min read·Jun 1, 2022----
Chen CohenCyberArk Endpoint Manager Local Privilege Escalation CVE-2021–44049.On 25.10.2021 I reported a Local Privilege escalation vulnerability on CyberArk EPM which is used to help organization in enforcing least…3 min read·Jan 14, 2022----
Chen CohenI Own Your “Cloud Shell”: Taking over “Azure Cloud Shell” Kubernetes Cluster Through Unsecured…“Azure Cloud Shell is a browser-based shell experience to manage and develop Azure resources.10 min read·Feb 15, 2021----
Chen CoheninFAUN — Developer Community 🐾In Cloud we “Trust”: Wrong Kubernetes implementation by Google Cloud Platform & Microsoft Azure…Kubernetes is the leading container orchestration platform for SMB and enterprises that provides a fast deployment, load balancing, high…4 min read·Jan 12, 2020----
Chen CohenBreaking out of the container without Zero Day — Can that happen to me?On the 30.5.2019 I Presented at OWASP Global AppSec Tel Aviv conference with my team leader Asher Genachowski.6 min read·Nov 19, 2019----