GoogleCloudPlatform OSConfig Privilege Escalation

Posted by deepcore on September 23, 2020 – 11:45 am

Google’s osconfig agent was vulnerable to local privilege escalation due to relying on a predictable path inside the /tmp directory. An unprivileged malicious process could abuse this flaw to win a race condition and take over the files managed by the high privileged agent process and thus execute arbitrary commands as the root user (full capabilities). Exploitation was possible only during an osconfig recipe being deployed.

This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.

« Seat Reservation System 1.0 SQL Injection Flatpress Add Blog 1.0.3 Cross Site Scripting »

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

GoogleCloudPlatform OSConfig Privilege Escalation

Post a reply

Tabs Switcher

Categories

Archives

Meta

BLOGROLL