SecurityBrief UK - Technology news for CISOs & cybersecurity decision-makers

Google Cloud Run vulnerability exposed by Tenable Research

Yesterday

Tenable Research has disclosed a privilege escalation vulnerability within Google Cloud Run, named ImageRunner, which could have allowed attackers to bypass permissions and access private container images.

Google Cloud Run, a serverless container platform, uses elevated permissions to access private Google Container Registry or Artifact Registry images. Tenable identified the vulnerability as a risk of unauthorised access: an attacker who held edit permissions on Cloud Run could abuse the service's inherited permissions to retrieve private container images when deploying applications.

Tenable coined the Jenga Concept to highlight this type of risk, indicating that when cloud service providers build services on top of each other, vulnerabilities in one layer can affect other services.

Liv Matan, Senior Security Researcher at Tenable, explained, "In the game of Jenga, removing a single block can undermine the entire structure. Cloud services function similarly: if one component has risky default settings, those risks can trickle down to dependent services, increasing the risk of security breaches."

If successfully exploited, ImageRunner could have allowed attackers to inspect private container images, extract sensitive information or secrets, modify deployment parameters to run unauthorised code, and exfiltrate critical data. Google has since addressed the vulnerability, and no further user action is required.

While no further action is required from users, Tenable provided recommendations for security teams. Organisations are encouraged to adhere to a least privilege model to prevent unnecessary permission inheritance, to use tools such as Jenganizer to map hidden dependencies between cloud services, and to review logs regularly to detect suspicious access patterns.
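The last recommendation, reviewing logs for suspicious access patterns, is the one that lends itself to a worked illustration. The script below is an added example written for this article; it is not code from Tenable, Google, or the Jenganizer tool. It takes a handful of constructed, simplified deployment-log entries and flags any Cloud Run deployment whose container image lives in a registry project other than the project hosting the service, which is the pattern ImageRunner-style abuse would produce. The entry shape (`principal`, `service_project`, `method`, `image`) and the method names are assumptions chosen for readability; real Cloud Audit Log exports use a different, nested layout that the parsing step would need to be adapted to.

```python
"""Detection sketch: flag Cloud Run deployments that reference a container
image from a registry project other than the one the service runs in.

Added example, not code from the article, Tenable, or Google. The log entry
shape and method names below are constructed approximations and are
assumptions, not the real Cloud Audit Log schema.
"""
import re

# Matches Artifact Registry refs (REGION-docker.pkg.dev/PROJECT/...) and
# Container Registry refs (gcr.io/PROJECT/... or REGION.gcr.io/PROJECT/...).
IMAGE_RE = re.compile(
    r"^(?:[a-z0-9-]+-docker\.pkg\.dev|(?:[a-z]+\.)?gcr\.io)/(?P<project>[a-z0-9.:-]+)/"
)

# Methods that create or replace a service (assumed names for this example).
DEPLOY_METHODS = {"Services.CreateService", "Services.ReplaceService"}

# Constructed sample entries, not real logs. 'service_project' is the project
# hosting the Cloud Run service; 'image' is the container image requested.
SAMPLE_LOGS = [
    {"principal": "dev@example.com", "service_project": "app-prod",
     "method": "Services.ReplaceService",
     "image": "us-docker.pkg.dev/app-prod/web/api:1.4"},
    {"principal": "dev@example.com", "service_project": "app-prod",
     "method": "Services.ReplaceService",
     "image": "us-docker.pkg.dev/secrets-project/internal/tool:latest"},
    {"principal": "ci@app-prod.iam.gserviceaccount.com", "service_project": "app-prod",
     "method": "Services.CreateService",
     "image": "gcr.io/app-prod/worker:7"},
    {"principal": "dev@example.com", "service_project": "app-prod",
     "method": "Services.GetService", "image": None},
]


def image_project(image):
    """Return the GCP project that owns the registry path of an image ref,
    or None if the ref is not a Google registry path."""
    m = IMAGE_RE.match(image or "")
    return m.group("project") if m else None


def find_cross_project_deploys(entries, allowed=None):
    """Return deployment entries whose image comes from a project that is
    neither the service's own project nor on that project's allow-list.

    'allowed' maps a service project to registry projects it may pull from,
    so legitimate shared-registry setups are not reported."""
    allowed = allowed or {}
    findings = []
    for e in entries:
        if e.get("method") not in DEPLOY_METHODS or not e.get("image"):
            continue  # reads and non-deploy calls are out of scope here
        src = image_project(e["image"])
        home = e["service_project"]
        permitted = {home} | set(allowed.get(home, ()))
        if src not in permitted:
            findings.append({**e, "image_project": src})
    return findings


if __name__ == "__main__":
    for f in find_cross_project_deploys(SAMPLE_LOGS):
        print(f"{f['principal']} deployed {f['image']} into {f['service_project']} "
              f"(image project: {f['image_project']})")
```

Run against the constructed entries, only the second one is reported: a user deploying into `app-prod` an image that lives in `secrets-project`. Passing `allowed={"app-prod": ["shared-registry"]}` is how a team would whitelist a deliberate central registry so that the check stays quiet for expected cross-project pulls.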

Matan added, "The discovery of ImageRunner reinforces the need for proactive cloud security measures. As cloud environments grow more complex, security teams must anticipate and mitigate risks before attackers exploit them."

The disclosure of the ImageRunner vulnerability underscores the importance of continuous security assessment in cloud environments. As cloud services become more interconnected, organisations must remain vigilant in managing permissions and monitoring for potential risks. Addressing vulnerabilities proactively and adopting best practices, such as the principles of least privilege and dependency mapping, can help mitigate security threats before they are exploited.
