Home Latest Cyber Security News | Network Security Hacking Google Workspace Vulnerabilities Risk Security Breaches – Warn Researchers
Latest Cyber Security News | Network Security HackingNewsVulnerabilities

Google Workspace Vulnerabilities Risk Security Breaches – Warn Researchers

by Abeerah Hashim
written by Abeerah Hashim
An undocumented Google OAuth endpoint triggers Cookie regeneration exploit for session hijacking

Researchers have found numerous security vulnerabilities in Google Workspace that risk breaches. While the vulnerabilities pose a serious threat to the users, Google denies fixing the bugs as they do not match with Google’s threat model.

Numerous Vulnerabilities Found In Google Workspace

Bitdefender researchers spotted multiple security weaknesses in the Google Workspace. As elaborated, the researchers found these vulnerabilities when analyzing Google Workspace and Google Cloud Platform while developing their XDR sensor.

Exploiting these vulnerabilities lets an adversary to gain network-wide access by compromising a single target account. In worst-case exploits, attackers may even wage a ransomware attack, moving laterally on the network and infecting systems with the Google Credential Provider for Windows (GCPW) installed.

Besides, such exploitations may also allow decrypting and stealing stored passwords, and gain access to the cloud platform with custom permissions, moving “beyond the Google ecosystem.”

The vulnerability exists because the GCPW uses “Google Accounts and ID Administration” (GAIA) service accounts to validate Google Workspace credentials. Since this account is created with escalated privileges, any exploitations involving this service pose a serious threat.

Bitdefender has explained the different exploitation scenarios in detail in their post.

Google Says No Plans To Patch

Upon discovering Google Workspace vulnerabilities, Bitdefender reported the matter to Google officials. However, given that the exploits require an attacker to compromise a local machine, Google refused to address the vulnerabilities as they lie outside of their threat model.

Nonetheless, Bitdefender disclosed the weaknesses publicly to aware users following the responsible bug disclosure. As they highlighted, while local exploits may lie outside Google’s threat model, they still remain a serious issue demanding attention. That’s because the threat actors keep looking for such vulnerabilities to perform large-scale attacks.

Recently, another security researcher highlighted a similar issue that Google chose not to address. While those vulnerabilities didn’t precisely threaten Google, they risked the users of other apps built on the vulnerable Google Electron software, including PureVPN, Slack, and others.

Let us know your thoughts in the comments.

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

You may also like

Multiple Vulnerabilities Found In Forminator WordPress Plugin

Palo Alto Networks Patched A Pan-OS Vulnerability Under...

Apple Removed Numerous Apps From China App Store

Xiid SealedTunnel: Unfazed by Yet Another Critical Firewall...

Personal Data Exposed in Massive Global Hack: Understanding...

Guardz Welcomes SentinelOne as Strategic Partner and Investor...

Invision Community Vulnerabilities Risk E-Commerce Websites

Microsoft April Patch Tuesday Fixes Dozens of RCE...

Match Systems publishes report on the consequences of...

Cypago Announces New Automation Support for AI Security...