Researchers Reveal ConfusedFunction Vulnerability in Google Cloud Platform

July 25, 2024 at 06:10AM

Researchers have identified a privilege escalation vulnerability, named ConfusedFunction, in Google Cloud Platform’s Cloud Functions service that enables unauthorized access to other services and sensitive data. The issue, which involves Cloud Build service account permissions and was exposed by Tenable, has been addressed by Google, although the fix does not apply to existing instances. Other cloud providers have also encountered security vulnerabilities, prompting increased vigilance.

The main takeaways are as follows:

1. Google Cloud Platform’s Cloud Functions service has been found to have a privilege escalation vulnerability named ConfusedFunction, which allows an attacker to access other services and sensitive data in an unauthorized manner.
2. The vulnerability, identified by Tenable, could lead to lateral movement and privilege escalation within a victim’s project, potentially allowing unauthorized data access, updates, or deletions.
3. The issue stems from the default creation of a Cloud Build service account linked to a Cloud Function, which can be exploited by an attacker to escalate their privileges.
4. Google has updated the default behavior to address the vulnerability for future deployments, but existing instances are not covered by these changes.
5. Outpost24 detailed a medium-severity cross-site scripting (XSS) flaw in the Oracle Integration Cloud Platform, which was resolved in the recent Critical Patch Update (CPU) released by Oracle.
6. Assetnote’s discovery of three security vulnerabilities in the ServiceNow cloud computing platform (CVE-2024-4879, CVE-2024-5178, and CVE-2024-5217) raises concerns about potential exploit chaining to gain full database access and execute arbitrary code on the Now Platform.
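
For projects that predate Google's change (point 4), one defensive check is to list which roles the default Cloud Build service account from point 3 still holds. The following is an added example, not code from Tenable or Google: the `EXPECTED_ROLES` baseline and the sample policy are assumptions constructed for illustration, and the input is the JSON shape returned by `gcloud projects get-iam-policy PROJECT_ID --format=json`.

```python
import json
import re

# Legacy Cloud Build default service account: PROJECT_NUMBER@cloudbuild.gserviceaccount.com
LEGACY_CB_SA = re.compile(r"^serviceAccount:(\d+)@cloudbuild\.gserviceaccount\.com$")

# Assumption: roles this audit treats as expected for a build identity.
# Adjust to your own baseline; anything else is reported for review.
EXPECTED_ROLES = {"roles/cloudbuild.builds.builder"}


def audit_cloud_build_sa(policy: dict) -> dict:
    """Map each legacy Cloud Build SA in the policy to the roles it holds,
    separating out roles that fall outside the expected baseline."""
    findings = {}
    for binding in policy.get("bindings", []):
        role = binding.get("role", "")
        for member in binding.get("members", []):
            if LEGACY_CB_SA.match(member):
                entry = findings.setdefault(member, {"all": [], "review": []})
                entry["all"].append(role)
                if role not in EXPECTED_ROLES:
                    entry["review"].append(role)
    return findings


# Constructed sample policy (not from a real project).
SAMPLE_POLICY = json.loads("""
{
  "bindings": [
    {"role": "roles/cloudbuild.builds.builder",
     "members": ["serviceAccount:123456789012@cloudbuild.gserviceaccount.com"]},
    {"role": "roles/editor",
     "members": ["serviceAccount:123456789012@cloudbuild.gserviceaccount.com",
                 "user:alice@example.com"]},
    {"role": "roles/cloudfunctions.invoker",
     "members": ["serviceAccount:fn-runtime@example-project.iam.gserviceaccount.com"]}
  ]
}
""")

if __name__ == "__main__":
    for member, roles in audit_cloud_build_sa(SAMPLE_POLICY).items():
        print(member)
        for role in roles["all"]:
            flag = "REVIEW" if role in roles["review"] else "ok"
            print(f"  {role:40} {flag}")
```

Roles marked for review are candidates for removal or for moving the build onto a dedicated, narrowly scoped service account.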
