Full Report
Cisco Talos built on Tenable’s discovery of a Google Cloud Platform vulnerability to uncover how attackers could exploit similar techniques across AWS and Azure.
Analysis Summary
# Vulnerability: Privilege Escalation via Malicious NPM Package in GCP Cloud Functions Deployment
## CVE Details
- CVE ID: Not explicitly assigned in the provided text (Discovered vulnerability subsequently partially addressed by the vendor)
- CVSS Score: Not explicitly provided. (Implied High due to privilege escalation)
- CWE: Unspecified, related to improper permission assignment during resource deployment.
## Affected Systems
- Products: Google Cloud Platform (GCP) Cloud Functions, GCP Cloud Build service.
- Versions: Unspecified versions of GCP Cloud Functions prior to the patch application.
- Configurations: Environments where a user can create or update a Cloud Function and where the Cloud Build process was utilizing a default service account with excessive permissions.
## Vulnerability Description
Tenable Research discovered that the backend deployment process for GCP Cloud Functions triggers a multi-step sequence that attaches a **default Cloud Build service account** to the resulting Cloud Build instance. Historically, this default service account held excessive permissions related to Cloud Functions. An attacker who could create or update a Cloud Function could leverage this deployment process to escalate privileges to this default Cloud Build Service Account or assign a higher privileged service account to the build process.
Cisco Talos further demonstrated that by embedding malicious code (specifically targeting the `package.json` file for NPM dependencies) during deployment, an attacker could execute arbitrary commands, leading to environment enumeration and, initially, service account token exfiltration.
## Exploitation
- Status: Proof of Concept (PoC) available via research, but **token exfiltration via the original method is confirmed to be patched by Google.** Other associated behaviors (like environment enumeration) were confirmed by Talos in their testing environment.
- Complexity: Medium (Requires the ability to deploy/update a Cloud Function and publish a package to the public NPM registry).
- Attack Vector: Network (Triggered over the network via function deployment/update).
## Impact
- Confidentiality: High (Initial research confirmed exfiltration of GCP service account access tokens was possible).
- Integrity: Medium (Ability to run arbitrary code during the build phase).
- Availability: Low to Medium (Impact localized to the specific function deployment/build environment).
## Remediation
### Patches
- Google has **partially addressed** Tenable's discovery by ensuring the default Cloud Build service account no longer provides users with excessive permissions. (Specific patch version details were not provided.)
### Workarounds
- The primary mitigation confirmed effective by Talos was the patching by Google against token exfiltration.
- **General Mitigation:** Ensure service accounts assigned to Cloud Functions and Cloud Build have the **principle of least privilege** applied, refraining from relying on default or overly permissive service accounts for critical operations.
## Detection
- **Indicators of Compromise:** Evidence of unusual outbound network traffic originating from the Cloud Build execution environment during function deployment, especially traffic directed towards external services like Ngrok endpoints or custom Python data listeners.
- **Detection Methods and Tools:** Monitoring and scanning the `package.json` file used in Cloud Function deployments for suspicious external dependencies, particularly those targeting the NPM registry. Auditing Cloud Build logs for execution of unexpected commands during deployment stages.
## References
- [Tenable Research Article - ConfusedFunction](https://www.tenable.com/blog/confusedfunction-a-privilege-escalation-vulnerability-impacting-gcp-cloud-functions)