Subj : Researchers uncover RCE exploit in Google Cloud, millions of serv To : All From : TechnologyDaily Date : Tue Sep 17 2024 13:15:05 Researchers uncover RCE exploit in Google Cloud, millions of servers at risk Date: Tue, 17 Sep 2024 12:04:00 +0000 Description: The vulnerability has since been patched but Tenable criticized Google for its "lack of awareness". FULL STORY ====================================================================== There was a major flaw in Google Cloud Platform (GCP) that could have allowed hackers to run malicious code remotely, on millions of servers and underlying systems. The flaw was discovered by cybersecurity researchers from Tenable, who reported their findings to Google. The company has since addressed the issue and plugged the hole. According to a press release shared with TechRadar Pro earlier this week, Tenables researchers found whats known as a dependency confusion vulnerability, and they dubbed it CloudImposer. The flaw could have allowed threat actors to execute code on potentially millions of GCP servers and their customers systems, they said. App Engine, Cloud Function, and Cloud Composer, were said to be most impacted by this vulnerability. Blast radius "immense" The flaw was found in GCPs Composer dependency installation process, which allowed attackers to upload a malicious package to PyPI, which would then be preinstalled on all Composer instances - with high permissions. As a result, malicious actors could execute code remotely, exfiltrate service account credentials, and move laterally to other GCP services. Tenable said that its researchers found the bug while running in-depth analysis of documentation from both GCP and the Python Software Foundation. The vulnerability could have resulted in supply chain attacks in the cloud which, as they said, can be exponentially more damaging compared to on-prem environments. Since a single malicious package can quickly spread across multiple networks, millions of people could be exposed. "The blast radius of CloudImposer is immense, commented Liv Matan, senior research engineer at Tenable. By discovering and disclosing this vulnerability, weve closed a major door that attackers could have exploited on a massive scale. Tenable also took the opportunity to slam Google for its startling lack of awareness and preventive measures against what it scribes as an attack technique thats been known for years. More from TechRadar Pro Top security guard firm exposed over a million files online Here's a list of the best firewalls around today These are the best endpoint security tools right now ====================================================================== Link to news story: https://www.techradar.com/pro/security/researchers-uncover-rce-exploit-in-goog le-cloud-millions-of-servers-at-risk --- Mystic BBS v1.12 A47 (Linux/64) * Origin: tqwNet Technology News (1337:1/100) .