Flaw in Google Cloud functions sparks broader security concerns

A potential privilege escalation flaw affecting Google Cloud Platform (GCP) Cloud Functions and its Cloud Build service has been identified by security researchers, prompting concerns about broader cloud security vulnerabilities across multiple platforms.

What happened

A privilege escalation vulnerability in Google Cloud Platform's Cloud Functions and Cloud Build service was discovered by Tenable Research. The flaw allowed an attacker to abuse the deployment process of GCP Cloud Functions to gain elevated permissions, because Google's default Cloud Build service accounts had been granted excessive privileges. Google has since issued a patch that reduces the privileges assigned to these service accounts, and the original attack method was confirmed to be neutralized following that update.

Going deeper

Cisco Talos researchers expanded on the attack technique and tested it across multiple cloud environments. A Debian server in GCP was set up with Node Package Manager (NPM) and Ngrok, and a malicious package.json file was used to extract tokens and simulate attack scenarios. This testing confirmed the effectiveness of Google's patch.

However, the same approach was demonstrated to be adaptable for environment enumeration purposes, even when privileged access was not available. The altered package.json was deployed in AWS Lambda and Azure Functions by Talos, and the tactic's broader applicability across different cloud services was verified through this cross-platform testing.

Several enumeration methods were highlighted that could be used by attackers to gather system and network information:

  • ICMP discovery for network mapping purposes
  • Detection of .dockerenv files to confirm containerized environments
  • CPU scheduling checks to identify init systems
  • Container ID and mount point analysis for potential escape techniques
  • Operating system and kernel detail extraction
  • User and permission scans to aid privilege escalation attempts
  • Network traffic analysis for vulnerability assessment

These techniques were found to be deployable without privileged credentials, making them viable in scenarios where service accounts are properly limited.

What was said

Following Tenable's report, Cloud Build's behavior was modified by Google and new policies for more granular service account control were added. The exfiltration of service account tokens using this method was verified by Talos to no longer be feasible in GCP.

In their research findings, Cisco Talos stated that while "Google has addressed the original flaw," the research "underscores the persistent risk posed by overly permissive configurations and the importance of continuous security monitoring across cloud environments."

Why it matters

This vulnerability directly undermines user trust in Google Cloud’s security model: it shows that even Google’s default configurations can unintentionally expose customers to privilege escalation risks, a concern for users who assume out-of-the-box settings are secure.

This discovery also shows a trend in cloud security where vulnerabilities in one platform can be adapted and exploited across multiple cloud environments. The research demonstrates that even after patches are applied to address specific vulnerabilities, the underlying attack techniques can often be repurposed for reconnaissance activities that don't require elevated privileges.

The bottom line

Organizations should enforce the principle of least privilege for all service accounts, regularly audit and monitor permissions, alert on unexpected Cloud Function modifications, inspect outgoing traffic for signs of exfiltration, and validate the integrity of external NPM packages. Though the original vulnerability has been patched, continuous security monitoring across all cloud environments remains essential to protect against evolving attack techniques that can be adapted across platforms.
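Two of the recommendations above, alerting on unexpected Cloud Function modifications and monitoring service account permissions, can be turned into a simple check over Cloud Audit Log entries. The example below is added here and is not code from Tenable, Talos or Google; the log entries are constructed, the allow-listed deployer account is hypothetical, and the Cloud Functions v1 method names are assumed to match what Admin Activity audit logs record (add the v2 `google.cloud.functions.v2.FunctionService.*` names if your project uses them).

```python
import json

# Assumption: Admin Activity audit-log method names for Cloud Functions v1 mutations.
FUNCTION_MUTATIONS = {
    "google.cloud.functions.v1.CloudFunctionsService.CreateFunction",
    "google.cloud.functions.v1.CloudFunctionsService.UpdateFunction",
    "google.cloud.functions.v1.CloudFunctionsService.DeleteFunction",
}

# Hypothetical allow-list: the only principal expected to deploy functions.
EXPECTED_DEPLOYERS = {"ci-deployer@example-project.iam.gserviceaccount.com"}

# Constructed sample entries (newline-delimited JSON), trimmed to the fields the check uses:
# 1) a routine deploy by the CI account, 2) a deploy by a user account,
# 3) an IAM policy change on a service account.
SAMPLE_LOG = """\
{"protoPayload":{"methodName":"google.cloud.functions.v1.CloudFunctionsService.UpdateFunction","authenticationInfo":{"principalEmail":"ci-deployer@example-project.iam.gserviceaccount.com"},"resourceName":"projects/example-project/locations/us-central1/functions/billing-hook"}}
{"protoPayload":{"methodName":"google.cloud.functions.v1.CloudFunctionsService.UpdateFunction","authenticationInfo":{"principalEmail":"someone@example.com"},"resourceName":"projects/example-project/locations/us-central1/functions/billing-hook"}}
{"protoPayload":{"methodName":"google.iam.admin.v1.SetIamPolicy","authenticationInfo":{"principalEmail":"someone@example.com"},"resourceName":"projects/-/serviceAccounts/123456789012-compute@developer.gserviceaccount.com"}}
"""


def flag_entries(ndjson, expected_deployers=EXPECTED_DEPLOYERS):
    """Return one alert dict per suspicious entry; routine deployer activity is ignored."""
    alerts = []
    for line in ndjson.splitlines():
        if not line.strip():
            continue
        payload = json.loads(line).get("protoPayload", {})
        method = payload.get("methodName", "")
        principal = payload.get("authenticationInfo", {}).get("principalEmail", "")
        resource = payload.get("resourceName", "")
        if method in FUNCTION_MUTATIONS and principal not in expected_deployers:
            # A function was created/updated/deleted by someone other than the CI account.
            alerts.append({"reason": "unexpected_function_change",
                           "principal": principal, "resource": resource})
        elif method.endswith("SetIamPolicy") and "/serviceAccounts/" in resource:
            # Any permission change on a service account deserves an analyst's review.
            alerts.append({"reason": "service_account_iam_change",
                           "principal": principal, "resource": resource})
    return alerts


if __name__ == "__main__":
    for alert in flag_entries(SAMPLE_LOG):
        print(alert)
```

In a real deployment the entries would come from a log sink (for example a Pub/Sub subscription on the `_Default` log bucket) rather than an inline string, and the allow-list from your own CI configuration.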

FAQs

Was any customer data actually stolen or compromised?

No data breaches have been publicly reported in connection with this vulnerability.

How quickly did Google respond to the discovery of the flaw?

Google issued a patch shortly after being alerted to the issue by Tenable Research.

Are there any actions Google Cloud users need to take after the patch?

Users should still review and limit their service account permissions to align with least privilege principles.

Can attackers still use similar techniques even after Google’s fix?

Yes, attackers may still use the same techniques for environment reconnaissance in other platforms or misconfigured environments.