Google has paid out more than $22,000 in bug bounties to a duo of security researchers who uncovered vulnerabilities in four different Google Cloud Platform (GCP) projects. The researchers, Sreeram KL and Sivanesh Ashok, found bugs in Theia, Vertex AI, Compute Engine and Cloud Workstations, earning them six payouts in total.
The most lucrative project for the duo was Vertex AI, a machine learning training and deployment platform, which earned them two $5,000 payouts for a server-side request forgery (SSRF) bug and subsequent patch bypass.
The SSRF vulnerability, documented in a blog post by Sreeram, was found in the workbench feature of Vertex AI, which allows the creation of Jupyter notebook-based development environments on the cloud.
The researchers were able to abuse the SSRF vulnerability and trick victims into clicking a malicious URL, which could potentially allow attackers to take control of an authorization token and all of the victim’s GCP projects.
Google addressed the issue by adding cross-site request forgery (CSRF) protection to the endpoints and improving the verification of the domain. However, the researchers were able to bypass the patch by using an open redirection in *.google.com and a technique developed in 2020 by @s1r1us that targets Jupyter Lab.
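The patch-and-bypass pattern described above (a server-side fetch guarded by a host check that trusts a whole domain, then defeated by an open redirect on one host inside that domain) is easy to reproduce in code. The following is an added example for illustration; it is not Google's code and not taken from the researchers' write-up. The host names, the in-memory stand-in for the network and the token value are all constructed, and the two validators and two fetch strategies exist only to contrast the weak pattern with the hardened one.

```python
from urllib.parse import urlparse

# Constructed allow-list: the one host this service should ever fetch from.
EXACT_ALLOWED_HOSTS = {"workbench.trusted.example"}

# Constructed stand-in for the network. Each URL maps to either a redirect
# ("redirect", location) or a final response ("ok", body). One host under the
# trusted domain (go.trusted.example) acts as an open redirector.
FAKE_NET = {
    "https://workbench.trusted.example/api/status":
        ("ok", "status: healthy"),
    "https://go.trusted.example/out?u=http://internal.service.local/token":
        ("redirect", "http://internal.service.local/token"),
    "http://internal.service.local/token":
        ("ok", "SECRET-TOKEN-constructed"),
}


def fake_fetch(url):
    """Simulated single HTTP request with redirects NOT followed automatically."""
    return FAKE_NET.get(url, ("error", "unreachable"))


def wildcard_host_allowed(url):
    """Weak validator: accepts any https host under the trusted domain."""
    p = urlparse(url)
    host = (p.hostname or "").lower()
    if p.scheme != "https" or p.username or p.password:
        return False
    return host == "trusted.example" or host.endswith(".trusted.example")


def exact_host_allowed(url):
    """Hardened validator: https only, no userinfo, exact host match."""
    p = urlparse(url)
    if p.scheme != "https" or p.username or p.password:
        return False
    return (p.hostname or "").lower() in EXACT_ALLOWED_HOSTS


def fetch(url, validator, check_every_hop, max_hops=3):
    """Fetch `url`, following redirects manually.

    check_every_hop=False reproduces the weak pattern: only the URL the user
    supplied is validated, and redirect targets are followed blindly.
    check_every_hop=True re-validates each redirect target before requesting it.
    Returns (kind, payload): ("ok", body), ("blocked", url) or ("error", msg).
    """
    for hop in range(max_hops):
        if (hop == 0 or check_every_hop) and not validator(url):
            return ("blocked", url)
        kind, payload = fake_fetch(url)
        if kind == "redirect":
            url = payload  # next hop; validated on the next loop iteration if enabled
            continue
        return (kind, payload)
    return ("error", "too many redirects")


if __name__ == "__main__":
    redirector = "https://go.trusted.example/out?u=http://internal.service.local/token"
    # Wildcard trust + follow-blindly: the redirector is inside the trusted
    # domain, so the request ends at the internal host.
    print(fetch(redirector, wildcard_host_allowed, check_every_hop=False))
    # Re-checking each hop stops it even with the wildcard validator.
    print(fetch(redirector, wildcard_host_allowed, check_every_hop=True))
    # An exact allow-list never lets the redirector host through at all.
    print(fetch(redirector, exact_host_allowed, check_every_hop=False))
```

The two fixes are independent and both worth applying: re-validate every hop (or disable automatic redirect following in the HTTP client so the server never requests a URL it has not checked), and prefer an exact host allow-list over trusting a whole domain, since any open redirector under a wildcard-trusted domain turns that trust into a bypass.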
The duo also found vulnerabilities in Theia, an integrated development environment used by Google in Cloud Shell, and in Google Cloud’s Compute Engine. Theia earned them a further $3,133.70 bounty and the Compute Engine bug earned them a $5,000 windfall with a $1,000 bounty bonus.
The vulnerability in Compute Engine resided in the SSH-in-browser function and could lead to remote code execution (RCE) in a victim’s system.