Intelligence
Critical · Vulnerability · Active

Coder Azure Instance Identity PKCS#7 Signature Validation Bypass

Coder's Azure identity validation fails to verify PKCS#7 signatures, allowing attackers to forge identity claims and steal workspace agent tokens without authentication. This enables downstream credential theft including SSH keys, OAuth tokens, and workspace secrets.

Sebastion

Affected

Coder/coder

Vulnerability Description

This vulnerability stems from a cryptographic validation gap in Coder's azureidentity.Validate() function. The implementation validates PKCS#7 envelopes only partially: it verifies that the signing certificate chains to a trusted Azure Certificate Authority, but it omits verification of the signature itself. This is a textbook case of improper verification of a cryptographic signature (CWE-347). An attacker can therefore construct a forged PKCS#7 envelope that packages legitimate Azure certificates together with an arbitrary JSON payload (e.g., {"vmId":"<target>"}), and it will be accepted as authentic. The root cause is the absence of any signature verification logic: only certificate chain validation occurs.
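To make the gap concrete, here is an added Go example; it is not Coder's code and not a real PKCS#7 parser. It models a signed envelope as signer certificate plus content plus signature. validateChainOnly mirrors the flawed pattern described above: it checks only that the certificate chains to a trusted root. validateFull adds the missing signature check. The root CA, leaf certificate, key names and vmId values are all constructed for the example, and a freshly generated root stands in for Azure's CA hierarchy.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// Envelope is a simplified stand-in for a PKCS#7 SignedData structure:
// the signer certificate(s), the signed content, and a signature over it.
type Envelope struct {
	Certs     []*x509.Certificate
	Content   []byte
	Signature []byte // ASN.1 ECDSA signature over SHA-256(Content)
}

// validateChainOnly reproduces the flawed pattern: the signer certificate must
// chain to a trusted root, but Signature is never examined.
func validateChainOnly(env Envelope, roots *x509.CertPool) error {
	if len(env.Certs) == 0 {
		return errors.New("no certificates in envelope")
	}
	opts := x509.VerifyOptions{Roots: roots, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}}
	_, err := env.Certs[0].Verify(opts)
	return err
}

// validateFull adds the missing step: the signature must verify under the
// public key of the certificate that just chained to the trusted root.
func validateFull(env Envelope, roots *x509.CertPool) error {
	if err := validateChainOnly(env, roots); err != nil {
		return err
	}
	pub, ok := env.Certs[0].PublicKey.(*ecdsa.PublicKey)
	if !ok {
		return errors.New("unsupported signer key type")
	}
	digest := sha256.Sum256(env.Content)
	if !ecdsa.VerifyASN1(pub, digest[:], env.Signature) {
		return errors.New("signature does not verify against signer certificate")
	}
	return nil
}

func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// newTestPKI builds a throwaway root CA and one leaf signer it issued; the
// root stands in for Azure's CA hierarchy and is regenerated on every run.
func newTestPKI() (*x509.CertPool, *x509.Certificate, *ecdsa.PrivateKey) {
	now := time.Now()
	caTmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Constructed Test Root CA"},
		NotBefore: now.Add(-time.Hour), NotAfter: now.Add(24 * time.Hour),
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign,
	}
	leafTmpl := &x509.Certificate{
		SerialNumber: big.NewInt(2), Subject: pkix.Name{CommonName: "constructed-signer"},
		NotBefore: now.Add(-time.Hour), NotAfter: now.Add(24 * time.Hour),
		KeyUsage: x509.KeyUsageDigitalSignature,
	}
	caKey := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	caCert := must(x509.ParseCertificate(must(x509.CreateCertificate(rand.Reader, caTmpl, caTmpl, &caKey.PublicKey, caKey))))
	leafKey := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	leafCert := must(x509.ParseCertificate(must(x509.CreateCertificate(rand.Reader, leafTmpl, caCert, &leafKey.PublicKey, caKey))))
	roots := x509.NewCertPool()
	roots.AddCert(caCert)
	return roots, leafCert, leafKey
}

// signEnvelope produces a genuinely signed envelope for content.
func signEnvelope(leaf *x509.Certificate, key *ecdsa.PrivateKey, content []byte) Envelope {
	digest := sha256.Sum256(content)
	sig := must(ecdsa.SignASN1(rand.Reader, key, digest[:]))
	return Envelope{Certs: []*x509.Certificate{leaf}, Content: content, Signature: sig}
}

func main() {
	roots, leaf, key := newTestPKI()
	genuine := signEnvelope(leaf, key, []byte(`{"vmId":"00000000-0000-4000-8000-000000000001"}`))
	// The forgery shape the advisory describes: a legitimate certificate paired
	// with attacker-chosen content that the signature does not cover.
	forged := genuine
	forged.Content = []byte(`{"vmId":"00000000-0000-4000-8000-00000000beef"}`)
	fmt.Println("genuine chain-only / full:", validateChainOnly(genuine, roots), validateFull(genuine, roots))
	fmt.Println("forged  chain-only / full:", validateChainOnly(forged, roots), validateFull(forged, roots))
}
```

Running it shows the genuine envelope passing both checks (both results nil) while the forged one, which carries the same certificate but different content, passes the chain-only check and fails the full check. The point for code reviewers: the chain check answers "is this a real certificate from the trusted CA?", and only the signature check answers "did that certificate's key actually sign this content?". An envelope validator that stops at the first question accepts anything bundled with a publicly available certificate.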

Proof-of-Concept Significance

The PoC demonstrates that the endpoint POST /api/v2/workspaceagents/azure-instance-identity is completely unauthenticated and accepts forged identity claims. The only precondition is knowledge of the target VM's vmId (a UUIDv4), which is often discoverable through public Azure metadata sources, prior compromise of Azure environments, or CT log analysis. Reliability is high: because no signature verification takes place, the bypass is deterministic. This shows the vulnerability is exploitable in standard Azure deployments without brute-force or timing attacks.

Detection Guidance

Log Indicators:

  • Requests to POST /api/v2/workspaceagents/azure-instance-identity with missing or malformed PKCS#7 structures that succeed
  • Successful token generation followed by immediate access to sensitive endpoints (/gitsshkey, /external-auth, agent manifests)
  • Multiple failed certificate chain validations followed by sporadic successes (indicative of envelope fuzzing)
  • VM identities appearing from Azure IMDS IP ranges but with certificate timestamps predating actual VM provisioning

Defensive Monitoring:

  • Alert on any unauthenticated token issuance from the Azure identity endpoint
  • Correlate successful identity claims with actual Azure IMDS queries (check Azure activity logs)
  • Monitor for rapid sequential token generation from different vmId values
  • Inspect PKCS#7 certificate subject fields for duplicate certificates across claims
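As an added illustration of the correlation rules above (not a Coder feature, and not Coder's log format), the following Go program scores a constructed access log for two of the patterns listed: a successful identity claim followed shortly by access to a sensitive endpoint from the same client, and one client collecting tokens for several distinct vmId values within a short window. The log layout, the client IPs, the vmId values and the "/me/..." path prefix are all constructed; only the identity endpoint path and the endpoint suffixes named in the guidance are taken from the page.

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
	"time"
)

// Event is one parsed access-log record. The assumed layout is
// "RFC3339-time client-ip METHOD path status [vmId=<id>]"; it is constructed
// for this example and is not Coder's actual log format.
type Event struct {
	At                         time.Time
	Source, Method, Path, VMID string
	Status                     int
}

const identityPath = "/api/v2/workspaceagents/azure-instance-identity"

var sensitiveSuffixes = []string{"/gitsshkey", "/external-auth", "/manifest"} // follow-on targets the advisory names

func parseLine(line string) (Event, error) {
	f := strings.Fields(line)
	if len(f) < 5 {
		return Event{}, fmt.Errorf("malformed record: %q", line)
	}
	at, errT := time.Parse(time.RFC3339, f[0])
	status, errS := strconv.Atoi(f[4])
	if errT != nil || errS != nil {
		return Event{}, fmt.Errorf("bad timestamp or status in %q", line)
	}
	// The optional sixth field carries vmId=<id> on identity-claim records.
	vmID := strings.TrimPrefix(strings.Join(f[5:], " "), "vmId=")
	return Event{At: at, Source: f[1], Method: f[2], Path: f[3], Status: status, VMID: vmID}, nil
}

// Finding is one alert: which rule fired, for which client, and why.
type Finding struct{ Rule, Source, Detail string }

// Detect parses time-ordered records and applies two rules from the guidance:
// "claim-then-sensitive" (a successful identity claim followed within window by
// the same client reaching a sensitive endpoint) and "rapid-multi-vmid" (one
// client obtaining tokens for maxVMIDs distinct vmIds within window).
func Detect(lines []string, window time.Duration, maxVMIDs int) ([]Finding, error) {
	var events []Event
	for _, l := range lines {
		ev, err := parseLine(l)
		if err != nil {
			return nil, err
		}
		events = append(events, ev)
	}
	var findings []Finding
	claims := map[string][]Event{} // client -> successful identity claims so far
	for _, ev := range events {
		if ev.Status/100 != 2 {
			continue // only successful requests are scored by these two rules
		}
		if ev.Method == "POST" && ev.Path == identityPath {
			claims[ev.Source] = append(claims[ev.Source], ev)
			distinct := map[string]bool{}
			for _, c := range claims[ev.Source] {
				if ev.At.Sub(c.At) <= window {
					distinct[c.VMID] = true
				}
			}
			if len(distinct) == maxVMIDs { // fires as the threshold is reached
				findings = append(findings, Finding{"rapid-multi-vmid", ev.Source, fmt.Sprintf("%d distinct vmIds within %s", maxVMIDs, window)})
			}
			continue
		}
		cs := claims[ev.Source]
		for _, suf := range sensitiveSuffixes {
			if !strings.HasSuffix(ev.Path, suf) || len(cs) == 0 {
				continue
			}
			if last := cs[len(cs)-1]; ev.At.Sub(last.At) <= window { // most recent claim is the closest
				findings = append(findings, Finding{"claim-then-sensitive", ev.Source, fmt.Sprintf("%s reached %s after claim for vmId=%s", ev.At.Sub(last.At), ev.Path, last.VMID)})
			}
		}
	}
	return findings, nil
}

// sampleLog is constructed: documentation-range IPs, placeholder vmIds, and a
// "/me/gitsshkey" path that only needs to end in a suffix the advisory names.
var sampleLog = []string{
	"2024-05-01T10:00:00Z 203.0.113.7 POST " + identityPath + " 200 vmId=11111111-1111-4111-8111-111111111111",
	"2024-05-01T10:00:03Z 203.0.113.7 GET /api/v2/workspaceagents/me/gitsshkey 200",
	"2024-05-01T10:00:10Z 203.0.113.7 POST " + identityPath + " 200 vmId=22222222-2222-4222-8222-222222222222",
	"2024-05-01T10:00:15Z 203.0.113.7 POST " + identityPath + " 200 vmId=33333333-3333-4333-8333-333333333333",
	"2024-05-01T11:00:00Z 198.51.100.5 POST " + identityPath + " 200 vmId=44444444-4444-4444-8444-444444444444",
	"2024-05-01T11:30:00Z 198.51.100.5 GET /api/v2/workspaceagents/me/gitsshkey 200",
}

func main() {
	findings, err := Detect(sampleLog, 5*time.Minute, 3)
	fmt.Println(findings, err)
}
```

With a five-minute window and a threshold of three vmIds, the sample yields two findings for 203.0.113.7 (a key fetch three seconds after its first claim, then a third distinct vmId fifteen seconds in) and none for 198.51.100.5, whose key fetch comes thirty minutes after its single claim. The window and threshold are tuning knobs for the SIEM that would run this correlation; a legitimate agent claims one identity for its own VM, so several distinct vmIds from one client address in quick succession is the signal worth paging on.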

Mitigation Steps

Immediate:

  1. Patch: Upgrade to patched Coder releases that implement full PKCS#7 signature verification (verify vendor advisory for exact versions)
  2. Workaround: Restrict network access to POST /api/v2/workspaceagents/azure-instance-identity to Azure IMDS IP ranges (169.254.169.254 egress only) via WAF or network ACLs
  3. Token Rotation: Force rotation of all workspace agent tokens; assume historical tokens compromised
  4. Credential Audit: Review Git SSH key usage, OAuth token access logs, and workspace secret access for suspicious activity

Long-term:

  5. Implement code review processes requiring cryptographic library verification (e.g., use Go's crypto/x509 package with explicit signature.Verify() calls)
  6. Add integration tests that verify rejection of unsigned or tampered PKCS#7 envelopes
  7. Deploy runtime verification: certificate pinning of Azure's root CAs with signature validation in parallel validation chains

Risk Assessment

Exploitation Likelihood: High. This is an authentication bypass that requires no user interaction and has low exploitation complexity. Attackers with access to an Azure environment, or who collect Azure metadata from public sources, can exploit it trivially.

Threat Actor Interest: Critical. The vulnerability chains directly to Git repository compromise and OAuth token theft, which are high-value targets for supply-chain attacks, insider threats, and APT groups targeting development infrastructure. The absence of authentication logging makes detection difficult. Organizations running Coder on Azure without patches should assume compromise if this vulnerability existed during their exposure window.