Google Cloud Document AI has some worrying security vulnerabilities
Document AI, Google Cloud's document processing service, had a worrying security flaw that allowed attackers to steal sensitive data from victims' Cloud Storage buckets and possibly even plant malware in them.
This is according to a new report from cybersecurity researchers Vectra AI, who discovered the vulnerability in early April and reported it to Google. It was fixed in early September of this year.
Google Cloud Document AI is a suite of machine learning tools that automates the extraction, analysis, and understanding of documents. It processes unstructured data such as invoices, forms, or contracts by transforming it into structured, actionable information. The service is designed to improve document workflows and increase the speed and accuracy of data extraction.
Batch Processing Issues
Users can process documents stored in Google Cloud through so-called batch processing – automated analysis of large volumes of documents in a single job. During such a job, the service acts under a "service agent", a Google-managed service account that serves as the job's identity. However, instead of checking the caller's own permissions for the task, batch processing relies on the service agent's permissions, which are far broader than most callers would be granted.
As a result, a caller (who could be a malicious actor) could read from and write to every Cloud Storage bucket in the same project, and therefore all data stored there, regardless of the permissions the caller actually held. The researchers demonstrated a proof of concept to Google showing how the flaw could be abused to exfiltrate a .PDF file, modify it, and then write it back to its original location.
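The following is an added example, not code from the article, from Vectra AI, or from Google. It models the confused-deputy pattern described above: a batch job that is authorized with the service agent's permissions rather than the caller's, beside the least-privilege alternative where the caller must hold the access. It also includes the audit check a practitioner would want: scanning a project IAM policy (in the JSON shape that `gcloud projects get-iam-policy --format=json` produces) for Google-managed service agents that hold unconditional, project-wide storage roles. The service agent address, the caller identity, the bucket names and the policy itself are constructed for illustration; the `gcp-sa-prod-dai-core` domain and the condition-expression format are assumptions, not facts taken from the article.

```python
"""Offline model of the Document AI batch-processing confused deputy, plus an IAM audit.

Added example; not the article's, Vectra's or Google's code.
"""
import re
from typing import Dict, List, Set, Tuple

# Predefined roles that grant object-level access to Cloud Storage.
STORAGE_ROLE_ACCESS: Dict[str, Set[str]] = {
    "roles/storage.objectViewer": {"read"},
    "roles/storage.objectCreator": {"write"},
    "roles/storage.objectUser": {"read", "write"},
    "roles/storage.objectAdmin": {"read", "write"},
    "roles/storage.admin": {"read", "write"},
    "roles/viewer": {"read"},
    "roles/editor": {"read", "write"},
    "roles/owner": {"read", "write"},
}

# ASSUMPTION (not from the article): the Document AI service agent is a
# Google-managed account named service-<PROJECT_NUMBER>@gcp-sa-prod-dai-core.iam.gserviceaccount.com
DOCAI_AGENT = "serviceAccount:service-123456789012@gcp-sa-prod-dai-core.iam.gserviceaccount.com"
CALLER = "user:analyst@example.com"  # constructed caller identity

# Constructed sample policy. The caller may run Document AI jobs and may read one
# bucket; the service agent has storage.admin on the whole project.
SAMPLE_POLICY = {
    "bindings": [
        {"role": "roles/storage.admin", "members": [DOCAI_AGENT]},
        {"role": "roles/documentai.editor", "members": [CALLER]},
        {
            "role": "roles/storage.objectViewer",
            "members": [CALLER],
            "condition": {
                "title": "invoices-only",
                "expression": 'resource.name.startsWith("projects/_/buckets/invoices-in/")',
            },
        },
    ]
}

# The only IAM condition this model understands: a single-bucket resource prefix.
_BUCKET_COND = re.compile(r'^resource\.name\.startsWith\("projects/_/buckets/([^/"]+)/"\)$')


def is_service_agent(member: str) -> bool:
    """True for Google-managed service agents (service-N@gcp-sa-*.iam.gserviceaccount.com)."""
    if not member.startswith("serviceAccount:"):
        return False
    local, _, domain = member[len("serviceAccount:"):].partition("@")
    return (local.startswith("service-") and domain.startswith("gcp-sa-")
            and domain.endswith(".iam.gserviceaccount.com"))


def binding_applies(binding: dict, bucket: str) -> bool:
    """Unconditional bindings apply to every bucket. A recognised single-bucket
    condition applies only to that bucket; any other condition fails closed."""
    cond = binding.get("condition")
    if cond is None:
        return True
    m = _BUCKET_COND.match(cond.get("expression", ""))
    return bool(m) and m.group(1) == bucket


def storage_access(member: str, bucket: str, policy: dict) -> Set[str]:
    """Subset of {"read", "write"} the member holds on the bucket under the policy."""
    access: Set[str] = set()
    for b in policy["bindings"]:
        if member in b["members"] and binding_applies(b, bucket):
            access |= STORAGE_ROLE_ACCESS.get(b["role"], set())
    return access


def broad_storage_grants(policy: dict) -> List[Tuple[str, str]]:
    """Audit: service agents holding unconditional, project-wide storage roles."""
    hits: List[Tuple[str, str]] = []
    for b in policy["bindings"]:
        if b["role"] in STORAGE_ROLE_ACCESS and "condition" not in b:
            hits.extend((m, b["role"]) for m in b["members"] if is_service_agent(m))
    return hits


def batch_job_allowed(caller: str, src_bucket: str, dst_bucket: str,
                      policy: dict, use_caller_identity: bool) -> bool:
    """Authorization decision for a batch job that reads src_bucket and writes dst_bucket.

    use_caller_identity=False models the behaviour the article describes: the
    service agent's permissions decide. use_caller_identity=True models the
    least-privilege alternative: the caller must hold the access themselves.
    """
    principal = caller if use_caller_identity else DOCAI_AGENT
    return ("read" in storage_access(principal, src_bucket, policy)
            and "write" in storage_access(principal, dst_bucket, policy))


if __name__ == "__main__":
    for member, role in broad_storage_grants(SAMPLE_POLICY):
        print(f"broad grant: {member} has {role} on the whole project")
    for mode in (False, True):
        ok = batch_job_allowed(CALLER, "payroll-exports", "invoices-in", SAMPLE_POLICY, mode)
        print(f"caller-identity={mode}: read payroll-exports -> write invoices-in allowed={ok}")
```

With the agent's permissions deciding, the caller can point a batch job at a bucket they were never granted (`payroll-exports`) and have its contents written wherever the agent can write; evaluated against the caller's own permissions, the same request is denied. The audit function is the check to run against a real policy: any `gcp-sa-*` agent with an unconditional storage role at project scope is a deputy that a lower-privileged caller may be able to drive.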
Shortly after being notified, Google apparently released a patch and marked the issue "resolved." The researchers found that fix insufficient and pressed the company further. Google also downgraded the issue's severity on the grounds that "the attacker needs access to an affected victim's project" – in other words, the flaw is a privilege escalation available to anyone already able to run batch jobs in the project, not an unauthenticated remote attack. A further fix, confirmed by Google in early September, finally closed the issue.
Via The Register