A privilege escalation vulnerability in Google Cloud Platform (GCP), dubbed “ImageRunner,” was recently discovered and fixed.
The flaw, which Tenable Research brought to light, potentially allowed attackers to exploit Google Cloud Run permissions and access sensitive data stored in private container images.
Discovering the ImageRunner Vulnerability
The vulnerability hinged on improper permission handling for identities with Google Cloud Run revision edit permissions.
.png
)
Cloud Run—a service in GCP designed for running containerized applications—relies on container images stored in repositories like Google Container Registry (GCR) and Artifact Registry. These repositories are critical to deploying containerized applications.
When deploying a Cloud Run service, specific permissions are required for pulling private container images from these registries.
However, Tenable Research discovered that attackers could exploit the process by modifying Cloud Run revisions to access private images without having the necessary registry permissions.
This security lapse left sensitive images, including proprietary application code and secrets, vulnerable to unauthorized access.
How ImageRunner Worked
Attackers with run.services.update and iam.serviceAccounts.actAs permissions in a victim’s GCP project could modify a Cloud Run service and deploy a new revision.
By pointing the service to a private container image from GCR or Artifact Registry, attackers could bypass key permissions like “Storage Object Viewer” or “Artifact Registry Reader.”
The threat extended further as attackers could inject malicious instructions into the service configuration during deployment.
This could lead to data exfiltration, secret extraction, or even full compromise of sensitive container images. For example, Tenable demonstrated how an attacker could use the Netcat (ncat) image to establish a reverse shell for unauthorized access to private images.
Google’s Response and Security Fix
Following the identification of the ImageRunner vulnerability, Google implemented critical security updates to Cloud Run.
As of January 28, 2025, the platform enforces stricter access controls. Now, any identity updating or deploying a Cloud Run service must have explicit read permissions for the container images involved.
Google rolled out this fix across its infrastructure, issuing a Mandatory Service Announcement to affected users in late 2024.
Release notes advised users of the breaking change, which aimed to strengthen overall GCP security against similar threats.
The incident underscores the importance of stringent access control and regular security audits in cloud environments.
Organizations are advised to review IAM roles and permissions carefully, ensuring that only necessary privileges are assigned to identities within their projects.
As cloud adoption continues to grow, this case highlights the ongoing need for robust vulnerability management and collaborative efforts between cloud providers and security researchers to protect sensitive data.
Find this News Interesting! Follow us on Google News, LinkedIn, & X to Get Instant Updates!
, dubbed "ImageRunner," was recently discovered and fixed.){kind=link}