A incorrect configuration on the Google Cloud Platform could allow attackers to gain complete control over a virtual machine by taking advantage of legitimate system features, according to new research released Thursday.
Cloud incident response provider Mitiga discovered the incorrect configuration a few months ago while researching the Google Cloud Platform (GCP) compute engine, specifically its virtual machine (VM) service. The company discovered a faulty configuration that could allow threat actors to send and receive data from virtual machines and possibly gain complete control over the system.
The attack vector is an exposed metadata API vector called “getSerialPortOutput”, which is used for the purposes of tracking and reading serial port locks. Mitiga discovered that the API can be abused to access GCP virtual machines, even with firewalls and other access controls in place.
Andrew Johnston, chief consultant at Mitiga, described the miscalculation as a “dangerous feature” in a blog post on Thursday.
“At Mitiga, we believe that this misconfiguration is likely common enough to warrant concern; however, with proper access control in the GCP environment, there is no exploitative defect,” he wrote.
Johnston told SearchSecurity that organizations with GCP production environments may be at risk of data exfiltration or having a fully compromised virtual machine used as command and control infrastructure for actor threats. . However, he pointed out that the problem is technically not a weakness in Google’s cloud.
“Rather, it’s an attack vector that abuses the legitimate functioning of the system,” Johnston said.
How does this work?
At first glance, the problem with the getSerialPortOutput API seems to be limited to potential data leaks.
“By itself, this API represents nothing more than a stealth method of exfiltration,” Johnston wrote in the report. “Although interesting, it would be more powerful if we could identify a companion API method that would allow an adversary to send data to the machine. If combined, the methods will allow full command and control (C2) on a machine with only cloud credentials.
Mitiga discovered and tested two possible attack vectors related to the abuse of another API, SetMetadata. Both cases started with an attacker accessing a victim’s cloud credentials, which enabled API permissions for SetMetadata. One case involved traditional network-based lateral movement techniques prior to malware infection, while others exploited API-abusing malware.
With APIs, a threat actor can send malicious commands within custom metadata to virtual machines in the Google cloud. If there are no additional access controls, threat actors can control the virtual machine.
Although the use of these techniques requires associated permissions such as GCP credentials, the sharing and reuse of administrative passwords and usernames is common among businesses and can result in an increased likelihood of leakage.
Compared to those on on -premises networks, cloud credentials are very powerful, Johnston says. Often, having these credentials is the only requirement to access the system.
The risks are further emphasized by another step in the alternative attack sequence that involves obtaining API permissions for getSerialPortOutput. The cloud instance is available even for low -permission viewer roles, according to the report.
“An adversary could potentially use this method to sneak out of a system that the adversary has gained access through a traditional method,” Johnston wrote in the report.
Although he didn’t see any threatening activity around the wrong configuration, Johnston said it’s hard to confirm for all customers, which is one of the reasons Mitiga wants to do it. know his conclusions. If the attack vector is exploited, it’s pretty obvious, according to Johnston. However, the risks are not clearly documented by Google, he said.
“It involves repeated calls to AP Google, what we are concerned about and why we want to advance this research and why we want to contact Google in the first place,” Johnston told SearchSecurity . “I don’t find any research that says these APIs are dangerous – or at least it’s not very clear – and that’s our main concern.»
Disclosure and Correction
Mitiga reported the results to Google’s Vulnerability Reporting Program (VRP); Both vendors agree that the problem is not a vulnerability, “but simply functionally dangerous” that can be used to circumvent firewall settings.
Mitiga recommends that Google make two changes to the getSerialPortOutput function, including limiting its use to only the highest -level authorization roles and allowing organizations to disable any additions or changes to VM metadata at runtime. execution. Mitiga also recommends a revision to the GCP documentation to make it clear that access to virtual machines is not completely restricted by firewalls and other network access controls.
However, Google does not agree with most of the recommendations.
After lengthy discussion, Google finally agreed that some parts of its documentation could be clarified and agreed to make changes to the documentation stating that the control plane could access virtual machines regardless. the firewall settings. Google has not acknowledged other recommendations or discussed details on whether a GCP user can avoid charges by using the getSerialPortOutput method, “Johnston wrote in the report.
Google awarded Johnston $ 100 through its VRP for the misconfiguration report.
Google declined to comment on the filing.
To solidify systems against incorrect GCP configuration, Mitiga recommends assigning specific permissions as needed to users according to the principle of least privilege, as opposed to built-in roles.
However, cloud security is an emerging area that needs a different level of attention than in -place networks, Johnston said. The biggest lesson Mitiga learned from this discovery was the many unintended effects of moving to the cloud.
Although Johnston said the cloud is impressive for developers and the speed of development in terms of developing enterprise-grade apps, there are additional security challenges in the cloud. Some of this confusion comes from terms and ideas derived from traditional LANs that don’t always apply to the cloud in the same way. An example is the Common Vulnerability and Disclosure Program.
Another example centers on the principle of shared responsibility where the cloud runs. Johnston said it can cause confusion over exactly how it’s shared, but understanding the difference in how the cloud changes those terms as well as the underlying technology is important for cloud security.
“As businesses continue their journey towards the cloud, it’s really important to understand what your cloud attack surface looks like and make sure you have the right logging and alerts in place,” he said.