A newly discovered vulnerability, dubbed ConfusedComposer, was found in Google Cloud Platform’s (GCP) Cloud Composer service, which could enable privilege escalation for attackers. The flaw allowed attackers with edit permissions in Cloud Composer to escalate their access to the default Cloud Build service account. This service account had high-level permissions across multiple GCP services such as Cloud Storage and Artifact Registry, putting sensitive data and services at risk. The vulnerability was named ConfusedComposer due to its similarity to another privilege escalation issue, ConfusedFunction, affecting GCP’s Cloud Functions service.
The vulnerability was exploitable through Cloud Composer’s ability to install custom Python Package Index (PyPI) packages in environments, allowing attackers to inject malicious code. By updating a Cloud Composer environment with a specially crafted PyPI package, attackers could execute arbitrary code within the Cloud Build instance, enabling them to hijack critical GCP services. This attack could lead to unauthorized access to enterprise applications and data, disruption of services, or even the deployment of persistent backdoors in cloud environments. It highlighted how interactions between cloud services could be leveraged for privilege escalation.
Google promptly addressed the issue by eliminating the use of the default Cloud Build service account to install PyPI packages. The company made changes to ensure that the environment’s service account is now used instead, reducing the potential for such attacks. This update was rolled out for Cloud Composer 2 environments and automatically applied to newer versions. Users of Cloud Composer 3 were not impacted as they already used the environment’s service account, strengthening the overall security of GCP’s cloud orchestration service.
The discovery of ConfusedComposer coincided with other significant cloud vulnerabilities, such as the Destructive Stored URL Parameter Injection vulnerability in Microsoft Azure. This vulnerability could have enabled privileged attackers to cause data loss through altered server configurations. Additionally, Datadog Security Labs identified a bug in Microsoft Entra ID, which allowed attackers to protect compromised accounts from being modified or disabled by administrators. These findings highlight the evolving and complex nature of cloud security risks, underscoring the need for constant vigilance and updates.