A medium-severity security vulnerability in Google Cloud’s platform has been fixed. This vulnerability might be leveraged by an attacker to gain more privileges if they already have access to a Kubernetes cluster. The vulnerability was found and disclosed by Palo Alto Networks Unit 42, who stated that attackers may use it as a weapon to commit “data theft, deploy malicious pods, and disrupt the cluster’s operations.”
In a warning published on December 14, 2023, the business stated that “an attacker who has compromised the Fluent Bit logging container could combine that access with high privileges required by Anthos Service Mesh (on clusters that have enabled it) to escalate privileges in the cluster.”