Unit 42 Discloses Newly Discovered Vulnerabilities in GKE Autopilot
In June 2021, the Unit 42 threat research team reached out to Google to disclose several vulnerabilities and attack techniques in Google Kubernetes Engine (GKE). The issues primarily affect GKE Autopilot, the latest offering by Google Cloud for managing Kubernetes clusters. One of the identified privilege escalation techniques affects GKE Standard as well.
Google resolved the issues and deployed patches universally across GKE. Clusters are now protected. ...