Summary
Google Vertex AI contains two privilege escalation vulnerabilities in its Agent Engine and Ray components that allow low-privileged users to hijack Service Agents and access sensitive cloud data. Because Google considers these configurations intentional, organizations must manually restrict permissions and disable interactive shells to prevent unauthorized access.
Take Action:
Audit your Google Cloud IAM roles to ensure 'Viewer' users cannot access interactive shells on Ray clusters. Restrict update permissions on reasoning engines to prevent malicious code injection into your AI workflows.
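One way to carry out the audit recommended above is to compute which principals effectively hold a given sensitive permission from an exported IAM policy. The following is an added example, not code from the article or from Google; the bindings and role-to-permission map are constructed sample data, and the `aiplatform.reasoningEngines.update` permission name is an assumption to be verified against `gcloud iam roles describe` output.

```python
"""Report which principals effectively hold a sensitive IAM permission.

Input shapes mirror `gcloud projects get-iam-policy --format=json` (bindings)
and `gcloud iam roles describe --format=json` (includedPermissions).
All data below is constructed sample input, not a real project."""
from collections import defaultdict

# Constructed role -> permission map. Permission names are assumptions;
# regenerate this from `gcloud iam roles describe` for a real audit.
ROLE_PERMISSIONS = {
    "roles/viewer": ["aiplatform.reasoningEngines.get",
                     "aiplatform.reasoningEngines.list"],
    "roles/editor": ["aiplatform.reasoningEngines.get",
                     "aiplatform.reasoningEngines.update"],
    "projects/demo/roles/mlOps": ["aiplatform.reasoningEngines.update"],
}

# Constructed policy export for a hypothetical project.
POLICY = {"bindings": [
    {"role": "roles/viewer",
     "members": ["user:analyst@example.com", "group:data-readers@example.com"]},
    {"role": "roles/editor", "members": ["user:dev@example.com"]},
    {"role": "projects/demo/roles/mlOps",
     "members": ["serviceAccount:ci@demo.iam.gserviceaccount.com"]},
]}


def principals_with_permission(policy, role_perms, permission):
    """Return {member: sorted roles} for every member whose bound roles
    include `permission`. Roles missing from `role_perms` are treated as
    granting nothing, so keep the map complete for a trustworthy result."""
    hits = defaultdict(set)
    for binding in policy.get("bindings", []):
        if permission in role_perms.get(binding["role"], ()):
            for member in binding["members"]:
                hits[member].add(binding["role"])
    return {m: sorted(roles) for m, roles in hits.items()}


def unexpected_grants(policy, role_perms, permission, allowed):
    """Members holding `permission` who are not on the approved allow-list;
    each one is a binding to review or remove."""
    holders = principals_with_permission(policy, role_perms, permission)
    return sorted(m for m in holders if m not in allowed)


if __name__ == "__main__":
    perm = "aiplatform.reasoningEngines.update"
    approved = {"serviceAccount:ci@demo.iam.gserviceaccount.com"}
    for member in unexpected_grants(POLICY, ROLE_PERMISSIONS, perm, approved):
        print(f"review: {member} can {perm}")
```

Conditional bindings (those carrying a `condition` key) are counted as unconditional here, which errs on the side of flagging more principals rather than fewer.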
This article was originally published on BeyondMachines