Unit 42 Discloses Newly Discovered Vulnerabilities in GKE Autopilot

In June 2021, the Unit 42 threat research team reached out to Google to disclose several vulnerabilities and attack techniques in Google Kubernetes Engine (GKE). The issues primarily affect GKE Autopilot, the latest offering by Google Cloud for managing Kubernetes clusters. One of the identified privilege escalation techniques affects GKE Standard as well.

Google resolved the issues and deployed patches universally across GKE. Clusters are now protected. Unit 42 has no indication that these issues were exploited in the wild prior to the fix. We’re now sharing more details about these vulnerabilities and attack techniques to help organizations understand potential issues in securing Kubernetes and how they can be addressed.

Kubernetes is a container orchestration platform that has become the de facto way to manage, deploy and scale containerized applications. The latest yearly survey by the Cloud Native Computing Foundation found that the vast majority of organizations (83%) run Kubernetes in production. Ultimately, the transition to the cloud, while bringing many benefits to organizations, has also attracted threat actors. Unit 42 has observed numerous pieces of malware tailor-made to attack Kubernetes. It’s important that organizations, cloud security providers and the cybersecurity industry continue to work together to address issues like vulnerabilities and misconfigurations in order to help secure work in the cloud.

The GKE Autopilot vulnerabilities discovered allowed attackers with a limited initial foothold to escalate privileges and take over an entire cluster. Attackers could then covertly exfiltrate secrets, deploy malware and cryptominers, or disrupt workloads, all while remaining invisible to the victim.

As the adoption of Kubernetes advances, simple misconfigurations and vulnerabilities become less common, forcing threat actors to look for increasingly sophisticated attacks. This research demonstrates that even subtle issues in Kubernetes can amount to very impactful attacks. Only a comprehensive cloud native security platform can empower defenders and protect clusters against similar threats.

How can I protect myself from these vulnerabilities?
Following our disclosure, Google automatically pushed patches across GKE to Autopilot clusters. No customer action is needed.

Was I affected if I'm using GKE Standard?
One of the identified privilege escalation attacks also affected GKE Standard. See the following section for mitigations. The complete attack only affected GKE Autopilot.

How can I protect myself from similar attacks in the future?
We encourage Kubernetes administrators to enable policy and audit engines that monitor for, detect and prevent suspicious activity and privilege escalation in their clusters. We also recommend using NodeAffinity, Taints or PodAntiAffinity rules to separate powerful pods from untrusted ones. Refer to our research blog for more information.
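As an added illustration of the separation rules recommended above (example manifests, not from the Unit 42 post or Google's advisory), the following combines a node taint with NodeAffinity for a privileged pod and PodAntiAffinity for an untrusted pod; node names, namespaces, labels and images are assumed placeholders.

```yaml
# Added example (not from the Unit 42 post): trusted nodes reserved for
# privileged pods, and an untrusted tenant pod kept off those nodes.
# Names and images are placeholders. First taint and label the nodes:
#   kubectl taint nodes trusted-node-1 workload=privileged:NoSchedule
#   kubectl label nodes trusted-node-1 workload=privileged
---
apiVersion: v1
kind: Pod
metadata:
  name: cluster-operator
  namespace: ops
  labels:
    app: cluster-operator
spec:
  # Only privileged pods carry this toleration; others cannot schedule here.
  tolerations:
  - key: workload
    operator: Equal
    value: privileged
    effect: NoSchedule
  affinity:
    nodeAffinity:  # pin the privileged pod to the labelled trusted nodes
      requiredDuringSchedulingIgnoredDuringExecution:
        nodeSelectorTerms:
        - matchExpressions:
          - key: workload
            operator: In
            values: ["privileged"]
  containers:
  - name: operator
    image: registry.example.com/cluster-operator:1.0
---
apiVersion: v1
kind: Pod
metadata:
  name: tenant-app
  namespace: tenant-a
spec:
  # No toleration, and additionally never share a node with the operator pod.
  affinity:
    podAntiAffinity:
      requiredDuringSchedulingIgnoredDuringExecution:
      - labelSelector:
          matchLabels:
            app: cluster-operator
        namespaces: ["ops"]  # selector is namespace-scoped; name the operator's
        topologyKey: kubernetes.io/hostname
  containers:
  - name: app
    image: registry.example.com/tenant-app:1.0
```

The taint alone keeps pods without the toleration off the trusted nodes; the anti-affinity rule also covers the case where a privileged pod ends up on some other node.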

We highly recommend reading Google's official advisory, which describes the issues from Google's perspective and lists their mitigations.

Prisma Cloud users are encouraged to enable our admission support for Kubernetes, which is aimed at tackling Kubernetes privilege escalation. Using this feature, similar attacks on Kubernetes can be prevented.

To protect cloud environments as a whole, the best solution is to implement a comprehensive cloud native security platform such as Prisma Cloud, which is able to detect and mitigate malicious behavior as well as identify vulnerabilities in cloud environments. Learn how Prisma Cloud can secure infrastructure, applications and data across hybrid and multicloud environments.