CloudImposer flaw exposes Google Cloud servers to RCE threats - #CloudImposer
Tenable Research discovered a critical vulnerability in Google Cloud services named "CloudImposer," which could allow remote code execution on various Google Cloud instances through a technique called dependency confusion. This flaw affected several Google Cloud Platform (GCP) services, including App Engine, Cloud Functions, and Cloud Composer. The vulnerability could lead to significant supply chain attacks by exploiting Google's inadequate verification of preloaded packages during cloud instance initialization. Google has since patched the issue and updated its documentation to recommend safer practices, such as using the `--index-url` argument instead of `--extra-index-url` when handling Python packages. Despite the fix, Tenable stressed the need for greater awareness and more robust security practices to prevent similar vulnerabilities in the future. Fortunately, there is no evidence that the vulnerability was exploited in the wild.
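The `--index-url` versus `--extra-index-url` distinction is the practical takeaway: with `--extra-index-url`, pip treats the public index and the private index as equals and installs the best-matching version from either, which is exactly the window dependency confusion needs. The script below is an added example written for this summary (it is not Tenable's or Google's code) that lints `requirements.txt` and `pip.conf` content for that pattern and lists the package names that would be resolved against both indexes. All file contents and the `private.example.internal` host are constructed sample values.

```python
"""Lint pip configuration for the --extra-index-url pattern behind CloudImposer.

Added example for this article; the sample inputs below are constructed,
not taken from any real project.
"""
import configparser
import re
import shlex

# Constructed sample: the weak form. Both pypi.org (pip's default) and the
# private index are consulted, so a public package with the same name as
# "internal-utils" competes with the private one.
WEAK_REQUIREMENTS = """\
--extra-index-url https://private.example.internal/simple
internal-utils==1.4.0
requests>=2.31   # public dependency, also served via the private mirror
"""

# Constructed sample: the recommended form. The private index is the only
# index pip talks to; public packages must be proxied through it.
SAFE_REQUIREMENTS = """\
--index-url https://private.example.internal/simple
internal-utils==1.4.0
requests>=2.31
"""

# Constructed sample: the same weakness expressed in a pip.conf file.
WEAK_PIP_CONF = """\
[global]
index-url = https://pypi.org/simple
extra-index-url = https://private.example.internal/simple
"""

_NAME_RE = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]*")


def lint_requirements(text):
    """Return [(line_number, url)] for every --extra-index-url in a requirements file."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()      # drop trailing comments
        if not line.startswith("-"):
            continue                              # only option lines matter here
        tokens = shlex.split(line)
        for i, tok in enumerate(tokens):
            if tok == "--extra-index-url":
                url = tokens[i + 1] if i + 1 < len(tokens) else "?"
                findings.append((lineno, url))
            elif tok.startswith("--extra-index-url="):
                findings.append((lineno, tok.split("=", 1)[1]))
    return findings


def lint_pip_conf(text):
    """Return [(section, url)] for every extra-index-url entry in pip.conf content."""
    cp = configparser.ConfigParser()
    cp.read_string(text)
    findings = []
    for section in cp.sections():
        if cp.has_option(section, "extra-index-url"):
            # pip allows several URLs, whitespace- or newline-separated
            for url in cp.get(section, "extra-index-url").split():
                findings.append((section, url))
    return findings


def package_names(text):
    """Names of the packages a requirements file installs (the ones exposed to
    confusion whenever lint_requirements() reports a finding)."""
    names = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line or line.startswith("-"):
            continue
        match = _NAME_RE.match(line)
        if match:
            names.append(match.group(0))
    return names


if __name__ == "__main__":
    for label, content in (("weak", WEAK_REQUIREMENTS), ("safe", SAFE_REQUIREMENTS)):
        hits = lint_requirements(content)
        print(f"{label}: {len(hits)} finding(s)", hits, "exposed:", package_names(content) if hits else [])
    print("pip.conf:", lint_pip_conf(WEAK_PIP_CONF))
```

Run it as a pre-commit or CI check over every `requirements*.txt`, `pip.conf`, and `pip.ini` in the repository; a non-empty result from either lint function is the signal to switch the index to `--index-url` and serve public packages through the private index instead of beside it.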