Description

Israeli cloud security firm Dig has recently disclosed a new security flaw in Google Cloud Platform's (GCP) Cloud SQL service that allows an attacker to gain access to confidential information. Cloud SQL is a fully managed relational database service used for building SQL Server, PostgreSQL, and MySQL databases for cloud-based applications. By leveraging this flaw, malicious actors could escalate their privileges from a standard Cloud SQL user to a sysadmin on a container, thereby acquiring secrets, passwords, and sensitive files, alongside customer data.

The attack is a multi-stage chain. It exploits the vulnerability in the security layer related to SQL Server, which allows the attacker to escalate their user privileges to those of an administrator role. With these elevated permissions, the attacker could exploit another critical misconfiguration, ultimately gaining system administrator rights and complete control over the database server. Further, the attackers would be able to infiltrate the underlying operating system and gain access to all hosted, perform file enumeration and password extraction, which in turn can serve as a starting point for launching subsequent attacks. The consequences of such a breach are significant, as it exposes sensitive data belonging to both the cloud provider and its customers.