medium

Autopilot node compromise via allowlisted workload masquerade

Published Tue, Mar 8th, 2022
Platforms

Summary

Unit 42 researchers disclosed several vulnerabilities and attack techniques in GKE Autopilot to Google, the root cause being insufficient verification of allowlisted workload image names. An attacker with permissions to create a pod could have abused these vulnerabilities to (1) escape their pod and compromise the underlying node, (2) escalate privileges and become full cluster administrators, and (3) covertly persist administrative access through backdoors that are completely invisible to cluster operators.

Affected Services

Autopilot

Remediation

None required

Tracked CVEs

No tracked CVEs

References

Entry Status
Finalized
Disclosure Date
Tue, Jun 1st, 2021
Exploitablity Period
-
Known ITW Exploitation
-
Detection Methods
-
Piercing Index Rating
-
Discovered by
Yuval Avrahami, Palo Alto