Tenable has uncovered a privilege escalation vulnerability in Google Cloud Composer (GCP) named ConfusedComposer. The vulnerability lets attackers with edit permissions in Cloud Composer to escalate privileges and gain access to a high-level service account with broad permissions across GCP.
Cloud Composer uses Cloud Build, a fully managed continuous integration and delivery (CI/CD) service in GCP, to install custom PyPI packages, using a highly privileged default Cloud Build service account. According to the Tenable Research findings, attackers with edit permissions in Cloud Composer environments could exploit this process by injecting a malicious package, allowing them to escalate privileges and gain control over Cloud Build’s service account. This would grant access to critical GCP resources such as Cloud Build itself, Cloud Storage and Artifact Registry, demonstrating the risks of inherited cloud permissions.
ConfusedComposer is a variant of a vulnerability discovered by Tenable that was dubbed ConfusedFunction, it highlights the complexity and similarity of cloud services that eventually led to an exploitation variant.
ConfusedComposer highlights a broader security concern identified by Tenable as Jenga® Concept, the tendency for cloud providers to build services on top of one another, enabling security risks and weaknesses in one layer cascade into other services.
“When you play the Jenga® game, removing one block can make the whole tower unstable,” said Liv Matan, Senior Security Researcher at Tenable. “Cloud services work the same way. If one layer has risky default settings, then that risk can spread to others, making security breaches more likely to happen.”
Potential Impact of ConfusedComposer Exploitation:
If exploited, ConfusedComposer could allow attackers to:
- Steal sensitive data from GCP services
- Inject malicious code into CI/CD pipelines
- Maintain persistent access through backdoors
- Escalate privileges to potentially take full control of a victim’s GCP project
Google has addressed ConfusedComposer and no additional action is required.
Recommendations for Security Teams
While no user action is required to mitigate ConfusedComposer, Tenable recommends organizations to:
- Follow the least privilege model to prevent unnecessary permission inheritance.
- Map hidden dependencies between cloud services using tools like Jenganizer.
- Regularly review logs to detect suspicious access patterns.
“The discovery of ConfusedComposer highlights the need for security teams to uncover hidden cloud interactions and enforce strict privilege controls. As cloud environments become more complex, it’s crucial to identify and address risks before attackers take advantage of them,” added Matan.
