Google Addresses Cloud Run Vulnerability that Permitted Unauthorized Image Access through IAM Misconfiguration

Google Cloud Platform Vulnerability Highlighted: Security Flaw in Cloud Run Patched

April 2, 2025
By Ravie Lakshmanan
Tags: Cloud Security / Vulnerability

In a significant cybersecurity revelation, researchers at Tenable have disclosed a now-resolved privilege escalation vulnerability within Google Cloud Platform’s (GCP) Cloud Run, codenamed "ImageRunner." This flaw had the potential to allow malicious actors to manipulate cloud services, gain unauthorized access to container images, and inject harmful code.

The vulnerability was identified in the permissions structure of Cloud Run, a managed service that executes containerized applications. According to Tenable security researcher Liv Matan, attackers could exploit a specific set of permissions to modify Cloud Run services and deploy new revisions, using the compromised rights to access private images stored in Google Artifact Registry and Google Container Registry.

"By obtaining permissions like run.services.update and iam.serviceAccounts.actAs, an attacker could pull any private container image within the same project, opening the floodgates for malicious activity," Matan explained.

Following responsible disclosure, Google promptly patched the vulnerability on January 28, 2025. With the fix in place, any user or service account that creates or updates a Cloud Run resource must have explicit permission to access the relevant container images. Google emphasized that users must assign the Artifact Registry Reader IAM role to enforce this protection.
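For defenders reviewing a project after this fix, the following added example (not code from Tenable, Google or the original article) reads a project IAM policy and lists principals that hold both permissions Matan names, split by whether they also have explicit image-read access. The role-to-permission map is an abbreviated assumption and the policy, member names and custom role are constructed sample data.

```python
import json

# Permission pair named in the article, and the image-read permission the fix requires.
DEPLOY_PERMS = {"run.services.update", "iam.serviceAccounts.actAs"}
IMAGE_READ = "artifactregistry.repositories.downloadArtifacts"

# Abbreviated role-to-permission map (assumption for this example; expand real
# roles with `gcloud iam roles describe ROLE`).
ROLE_PERMS = {
    "roles/run.developer": {"run.services.update"},
    "roles/iam.serviceAccountUser": {"iam.serviceAccounts.actAs"},
    "roles/artifactregistry.reader": {IMAGE_READ},
}

# Constructed sample in the shape of `gcloud projects get-iam-policy PROJECT --format=json`.
SAMPLE_POLICY = json.loads("""
{"bindings": [
  {"role": "roles/run.developer",
   "members": ["user:dev-a@example.com", "user:dev-b@example.com",
               "serviceAccount:ci@example-project.iam.gserviceaccount.com"]},
  {"role": "roles/iam.serviceAccountUser",
   "members": ["user:dev-a@example.com",
               "serviceAccount:ci@example-project.iam.gserviceaccount.com"]},
  {"role": "roles/artifactregistry.reader",
   "members": ["serviceAccount:ci@example-project.iam.gserviceaccount.com"]},
  {"role": "projects/example-project/roles/customDeployer",
   "members": ["group:ops@example.com"]}
]}
""")

def audit(policy, role_perms=ROLE_PERMS):
    """Return (findings, unknown_roles) for principals holding the deploy pair."""
    granted, unknown = {}, set()
    for binding in policy.get("bindings", []):
        perms = role_perms.get(binding["role"])
        if perms is None:
            unknown.add(binding["role"])  # cannot judge without the role definition
            continue
        for member in binding.get("members", []):
            granted.setdefault(member, set()).update(perms)
    findings = {}
    for member, perms in sorted(granted.items()):
        if DEPLOY_PERMS <= perms:
            findings[member] = ("deploy-with-image-read" if IMAGE_READ in perms
                                else "deploy-without-image-read")
    return findings, sorted(unknown)

if __name__ == "__main__":
    findings, unknown = audit(SAMPLE_POLICY)
    for member, status in findings.items():
        print(f"{status:28} {member}")
    print("roles needing manual expansion:", unknown)
```

The check covers project-level bindings only; grants made directly on a service account or on a single repository are not visible in this policy and need a separate review.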

Matan described ImageRunner as a classic case of a "Jenga" vulnerability, in which a breach in one of several interconnected cloud services can compromise the integrity of the others and expose them to increased risk. The announcement comes on the heels of similar vulnerabilities reported across various cloud platforms, underscoring an urgent need for organizations to review their cloud security protocols.

As cyber threats evolve, the necessity for robust security measures in cloud architectures has never been more pressing.
