Researchers from Security Explorations report that they have found multiple serious vulnerabilities in the Java environment of the Google App Engine, part of the Google Cloud Platform, which can be used to bypass critical security sandbox protections.
Google App Engine is Google's PaaS (Platform as a Service) cloud computing platform for developing and hosting web applications in Google-managed data centers. GAE runs custom-built programs written in a wide variety of popular languages and frameworks, many of which are built on the Java environment.
Adam Gowdiak, founder and CEO of Security Explorations, explained the vulnerability in a full disclosure and says that it allows an attacker to escape the Java VM security sandbox, bypassing all of its security measures, and also leads to arbitrary code execution.
By exploiting the vulnerability, the researchers were able to bypass the Google App Engine whitelisting of Java Runtime Environment (JRE) classes and gain access to the full JRE. According to the researchers, there were 22 full sandbox escape issues, of which 17 were successfully exploitable. Exploiting the vulnerability also let the researchers execute native commands, specifically to issue arbitrary library/system calls, and gain access to the files comprising the JRE sandbox.
The researchers estimate that there are more than 30 vulnerabilities. Unfortunately, the team was unable to finish its research because Google suspended their test Google App Engine account.
"Unfortunately, we cannot complete our work due to the suspension of the "test" GAE account that took place today," Gowdiak wrote. "Without any doubt this is an opsec failure on our end (this week we did poke a little bit more aggressively around the underlying OS sandbox / issued various system calls in order to learn more about the nature of the error code 202, the sandbox itself, etc.)."But then also they believe that Google will allow them to complete their work, as Google has generally been supportive of and helpful to the security research community.