May 26, 2023 | Ravi Lakshmanan | Data Safety / Cloud Security

A new security flaw has been revealed in Google Cloud Platform's (GCP) Cloud SQL service that can be exploited to gain access to sensitive data.

“This vulnerability elevates a malicious attacker from a basic Cloud SQL user to a full-fledged system administrator on containers, allowing them to access GCP internal data such as sensitive information, sensitive files, and passwords in addition to customer data. We may be able to access it,” the company Dig said.

Cloud SQL is a fully managed solution for building MySQL, PostgreSQL, and SQL Server databases for cloud-based applications.

The multi-stage attack chain identified by Dig, in a nutshell, exploited a gap in the cloud platform’s security layer associated with SQL Server to elevate user privileges to administrator role privileges.

That privilege escalation then made it possible to exploit another serious misconfiguration to gain system administrator privileges and take complete control of the database server.

From there, the threat actor could access all files hosted on the underlying operating system, enumerate files, and extract passwords, which could serve as a launch pad for further attacks.

Dig researchers Ofir Balassiano and Ofir Shaty said, “Access to internal data such as sensitive information, URLs, and passwords can lead to the exposure of cloud provider data and sensitive customer data, which is critical. It would be a serious security incident.”

Following a responsible disclosure in February 2023, this issue was addressed by Google in April 2023.

The disclosure comes as Google announced the availability of its Automatic Certificate Management Environment (ACME) API for all Google Cloud users to automatically obtain and renew TLS certificates for free.
