Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Sead Fadilpašić

Google Cloud Document AI has some worrying security flaws

Cyber security Cloud computing blue abstract digital binary code background. Innovative technology and Artificial intelligence concept. New futuristic system technology symbol. Vector illustration.

Document AI, a Google Cloud service for file processing, had a worrying security flaw which allowed threat actors to steal sensitive data from people’s cloud storage accounts, and possibly even smuggle malware inside.

This is according to a new report from cybersecurity researchers Vectra AI, who found and reported the flaw to Google in early April. It was fixed in early September this year.

Google Cloud Document AI is a suite of machine learning tools that automates the extraction, analysis, and understanding of documents. It processes unstructured data like invoices, forms, or contracts by converting them into structured, usable information. The service is designed to improve document workflows, enhancing speed and accuracy in data extraction.

Batch processing woes

Users can process documents stored in Google Cloud via so-called batch processing - automation of document analysis for large volumes of documents simultaneously. During this process, the service uses “service agent”, a Google-managed service that acts as the identity in the process. However, instead of using the caller’s set of permissions for the job, batch processing uses the service agent permissions, which are too broad.

As a result, the caller (which could be a malicious individual) can access any Google Cloud Storage buckets within the same project, and through it - all of the data found there. The researchers demonstrated a Proof of Concept to Google, showing how the vulnerability could be abused to exfiltrate a .PDF file, modify it, and then return it to the same place.

Soon after learning about the issue, Google apparently released a patch, and changed the status of the problem as ‘fixed’. However, the researchers said the fix wasn’t sufficient, and pressured the company further. Finally, in early September, Google confirmed applying a downgrade that sorted it out, “because the attacker needs to have an access to an impacted victim's project.”

Via The Register

More from TechRadar Pro

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.