‘CloudImposer could have allowed attackers to conduct a massive supply chain attack by compromising the Google Cloud Platform’s Cloud Composer service for orchestrating software pipelines,’ says Tenable security researcher Liv Matan.

Google has patched a critical security flaw inside its Google Cloud Platform Composer tool that could have enabled hackers to achieve remote execution on Google’s cloud servers.

Cybersecurity firm Tenable Research said it discovered a remote code execution vulnerability in the Google Cloud Platform (GCP) that could have allowed an attacker to hijack an internal software dependent that Google preinstalls on each Composer tool. Tenable dubbed the flaw CloudImposer.

“CloudImposer could have allowed attackers to conduct a massive supply chain attack by compromising the Google Cloud Platform’s Cloud Composer service for orchestrating software pipelines,” said Liv Matan, a security researcher for Tenable, in a blog post Monday.

“Specifically, CloudImposer could have allowed attackers to conduct a dependency confusion attack on Cloud Composer, a managed service version of the popular open-source Apache Airflow service,” Matan said.

[Related: 6 Big Google Cloud Exec Hires And Exits From AWS, Microsoft And CoreWeave]

Tenable discovered CloudImposer after finding documentation from GCP and the Python Software Foundation that could have put customers at risk of a supply chain attack called dependency confusion.

The affected GCP services were App Engine, Cloud Function and Cloud Composer.

Supply Chain Attacks

In supply chain attacks, Tenable said attackers infiltrate the supply systems of legitimate providers. When the provider inadvertently distributes the compromised version of its software, its users become vulnerable to an attack, which could lead to widespread security breaches.

Composer is Google Cloud’s managed service version of Apache Airflow.

Due to its popularity, the impact of a single malicious package deployed within Google Cloud’s Composer could be “staggering,” said Matan.

“We’re no longer talking about an isolated incident affecting just one server or data center; we’re looking at a potential ripple effect that could compromise millions of users across numerous organizations,” Matan said.

Google Fixes Vulnerability: ‘No Evidence’ CloudImposer Was Exploited

Following the disclosure in January 2024, this issue was fixed by Google in May 2024 by ensuring that the Python Package is only installed from a private repository.

“Following our report, Google fixed the vulnerable script that was utilizing the –extra-index-url argument when installing their private package from their private registry, in Google Cloud Composer,” said Tenable’s Matan.

Matan said Google also inspected the checksum of the vulnerable package instances and notified Tenable that, “as far as Google knows, there is no evidence that the CloudImposer was ever exploited.”

Google acknowledged that Tenable’s code ran in Google’s internal servers, but said the company believes it wouldn’t have run in customers’ environments because it would not pass the integration tests.

“Google now recommends that GCP customers use the ‘–index-url’ argument instead of the ‘–extra-index-url’ argument” said Matan. “And that GCP customers make use of an Artifact Registry virtual repository when requiring multiple repositories.”

During the second quarter of 2024, Google Cloud generated $10.3 billion in revenue, representing a year over year increase of nearly 30 percent.

Mountain View, Calif.-based Google Cloud currently has an annual run rate of over $41 billion.