{"id":2589,"date":"2025-04-02T13:13:31","date_gmt":"2025-04-02T13:13:31","guid":{"rendered":"https:\/\/cybersecurityinfocus.com\/?p=2589"},"modified":"2025-04-02T13:13:31","modified_gmt":"2025-04-02T13:13:31","slug":"google-fixes-gcp-flaw-that-could-expose-sensitive-container-images","status":"publish","type":"post","link":"https:\/\/cybersecurityinfocus.com\/?p=2589","title":{"rendered":"Google fixes GCP flaw that could expose sensitive container images"},"content":{"rendered":"<div>\n<div class=\"grid grid--cols-10@md grid--cols-8@lg article-column\">\n<div class=\"col-12 col-10@md col-6@lg col-start-3@lg\">\n<div class=\"article-column__content\">\n<div class=\"container\"><\/div>\n<p>A critical privilege escalation vulnerability, ImageRunner, affecting Google Cloud was promptly fixed before it could allow attackers to access sensitive information from GCP deployments.<\/p>\n<p>The issue, as discovered by the cybersecurity company Tenable, could have enabled an attacker to bypass permissions and obtain unauthorized access to container images.<\/p>\n<p>\u201cThis is possible because Cloud Run pulls images during a revision deployment process,\u201d Tenable told CSO in a comment ahead of publicly <a href=\"https:\/\/www.tenable.com\/blog\/imagerunner-a-privilege-escalation-vulnerability-impacting-gcp-cloud-run\">disclosing<\/a> the flaw on Tuesday. \u201cCloud Run uses a service agent, an automated \u2018worker\u2019 that handles essential operations, which has higher permissions allowing it to retrieve images from the Google Container Registry or Artifact Registry.\u201d<\/p>\n<p>Google Cloud Run is a fully managed serverless platform to deploy and run <a href=\"https:\/\/www.cio.com\/article\/247005\/what-are-containers-and-why-do-you-need-them.html\">containerized applications<\/a> and a \u2018revision\u2019 is a specific, immutable version of a deployed service that Cloud Run creates every time a new version of a containerized application is deployed.<\/p>\n<p>Google internally fixed the issue in January 2025 with additional checks and developers need not do anything.<\/p>\n<h2 class=\"wp-block-heading\"><strong>Pulling restricted \u201cprivate\u201d images<\/strong><\/h2>\n<p>A prerequisite to ImageRunner is an identity that lacks registry permissions but has edit permissions on Google Cloud Run revisions. The bespoke \u201cworker\u201d has these permissions, which attackers could potentially use to pull private Google Artifact Registry (GAR) and Google Container Registry (GCR) images from the same account.<\/p>\n<p>Private images are restricted and require authentication to access. They are used to store proprietary applications, configurations, or sensitive code.<\/p>\n<p>The worker, aka service agent, \u201cis a special type of service account created and managed by Google Cloud,\u201d said Liv Matan, senior security researcher at Tenable. \u201cIf an attacker gains certain permissions within a victim\u2019s project \u2013 specifically <em>run.services.update<\/em> and <em>iam.serviceAccounts.actAs<\/em>permissions \u2013 they could modify a Cloud Run service and deploy a new revision.\u201c<\/p>\n<p>In doing so, they could specify (through malicious code injection) any private container image stored in a victim\u2019s registries, Matan added.<\/p>\n<p>According to a Tenable statement to CSO, an attacker could use this vulnerability for data theft or espionage in a real-world scenario. The attacker could use their code to inspect the contents of the private image, extract secrets stored within it, or even exfiltrate sensitive data.<\/p>\n<h2 class=\"wp-block-heading\"><strong>Flaw fixed with explicit read access requirement<\/strong><\/h2>\n<p>The flaw, which was never assigned a <a href=\"https:\/\/www.csoonline.com\/article\/562175\/what-is-cve-its-definition-and-purpose.html\">CVE ID<\/a>, received a fix from Google in January wherein Cloud Run was updated with necessary restrictions.<\/p>\n<p>\u201cThe principal (user or service account) creating or updating a Cloud Run resource now needs explicit permission to access the container image(s).\u201d said a Google Cloud disclosure. \u201cWhen using Artifact Registry, ensure the principal has the Artifact Registry Reader (roles\/artifactregistry.reader) IAM role on the project or repository containing the container image(s) to deploy.\u201d<\/p>\n<p>The fix was <a href=\"https:\/\/cloud.google.com\/run\/docs\/release-notes#January_13_2025\">rolled out<\/a> to all production on January 28 as a \u201cbreaking change,\u201d following a Mandatory Service Announcement sent to affected Project, Folder, and Organization owners during the last week of November 2024, according to Tenable.\u00a0 A breaking change with reference to GCP refers to an update or modification that disrupts existing functionality, requiring users to update their configurations, code, or workflows to maintain compatibility.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>A critical privilege escalation vulnerability, ImageRunner, affecting Google Cloud was promptly fixed before it could allow attackers to access sensitive information from GCP deployments. The issue, as discovered by the cybersecurity company Tenable, could have enabled an attacker to bypass permissions and obtain unauthorized access to container images. \u201cThis is possible because Cloud Run pulls [&hellip;]<\/p>\n","protected":false},"author":0,"featured_media":2590,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-2589","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-education"],"_links":{"self":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/2589"}],"collection":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2589"}],"version-history":[{"count":0,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/2589\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/media\/2590"}],"wp:attachment":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2589"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2589"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2589"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}