Supply chain attacks possible with Google Cloud Build vulnerability

Threat actors could leverage a critical design vulnerability in Google Cloud Build dubbed 'Bad.Build' to achieve privilege escalation and obtain unauthorized Google Artifact Registry code repository access, reports BleepingComputer. Such a flaw could also be exploited to facilitate application image takeovers and malicious code injections that may result in supply chain attacks, a report from Orca Security revealed. "The potential impact can be diverse, and applies to all organizations that are using the Artifact Registry as their main or secondary image repository. The first and immediate impact is disrupting the applications relying on these images. This can lead to [denial-of-service], data theft, and spreading malware to users," wrote researcher Roi Nisimi. Google has already issued a partial fix for the flaw after being reported by Orca Security but Nisimi noted that supply chain risks persist as Google has not completely addressed the privilege escalation attack vector. "Applying the Principle of Least Privilege and implementing cloud detection and response capabilities to identify anomalies are some of the recommendations for reducing risk," Nisimi added.