Container Escape to Shadow Admin: GKE Autopilot Vulnerabilities

March 8, 2022, 2 p.m. | Erica Naone

We disclosed several GKE Autopilot vulnerabilities and attack techniques to Google. The issues are now fixed – we provide a technical analysis.

The post Container Escape to Shadow Admin: GKE Autopilot Vulnerabilities appeared first on Unit42.

cloud container containers escape shadow vulnerabilities

Visit resource

More from unit42.paloaltonetworks.com / Unit42

Threat Brief: Operation MidnightEclipse, Post-Exploitation Activity Related to CVE-2024-3400 5 days, 10 hours ago | unit42.paloaltonetworks.com

campaign command command injection cve +13

Muddled Libra’s Evolution to the Cloud 1 week, 1 day ago | unit42.paloaltonetworks.com

amp applications att aws +17

It Was Not Me! Malware-Initiated Vulnerability Scanning Is on the Rise 1 week, 2 days ago | unit42.paloaltonetworks.com

advanced threat prevention advanced url filtering advanced wildfire attacks +14

Threat Brief: Vulnerability in XZ Utils Data Compression Library Impacting Multiple Linux Distributions (CVE-2024-3094) 2 weeks, 4 days ago | unit42.paloaltonetworks.com

compression cortex xdr cortex xsiam cve +17

Exposing a New BOLA Vulnerability in Grafana 3 weeks ago | unit42.paloaltonetworks.com

advanced url filtering api api attacks authorization +19

ASEAN Entities in the Spotlight: Chinese APT Group Targeting 3 weeks, 1 day ago | unit42.paloaltonetworks.com

actions advanced persistent threat advanced url filtering apac +20

Large-Scale StrelaStealer Campaign in Early 2024 3 weeks, 5 days ago | unit42.paloaltonetworks.com

advanced threat protection advanced wildfire campaign campaigns +16

Curious Serpens’ FalseFont Backdoor: Technical Analysis, Detection and Prevention 3 weeks, 6 days ago | unit42.paloaltonetworks.com

advanced threat prevention advanced url filtering advanced wildfire aerospace +25

Unit 42 Collaborative Research With Ukraine’s Cyber Agency To Uncover the Smoke Loader Backdoor 4 weeks, 1 day ago | unit42.paloaltonetworks.com

advanced threat prevention advanced url filtering advanced wildfire agency +21

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City

View on infosec-jobs.com

Security Officer Hospital Mission Viejo

@ Allied Universal | Mission Viejo, CA, United States

View on infosec-jobs.com

Junior Offensive Cyber Security Researcher

@ Draper | Cambridge, MA, United States

View on infosec-jobs.com

Consultant reporting reglementaire

@ Talan | Luxembourg, Luxembourg

View on infosec-jobs.com

Chief Information Security Officer

@ Kantox | Barcelona, Catalonia, Spain

View on infosec-jobs.com

View more jobs

all InfoSec news

Container Escape to Shadow Admin: GKE Autopilot Vulnerabilities

More from unit42.paloaltonetworks.com / Unit42

Jobs in InfoSec / Cybersecurity

SOC 2 Manager, Audit and Certification

Information Security Engineers

Security Officer Hospital Mission Viejo

Junior Offensive Cyber Security Researcher

Consultant reporting reglementaire

Chief Information Security Officer