Just recently, Orca Security discovered that many popular projects from organizations like Google, Microsoft, and NVIDIA all have vulnerable pull_request_target workflows. These vulnerabilities would place them and those who rely on them at risk of damage from potential supply chain attacks. As security researchers uncovered in April, the misconfiguration only affected AWS-managed open source GitHub repositories, enabling attackers to attack workflows with fatal precision. This incident highlights the urgent need for comprehensive security practices in software development environments.
These vulnerabilities could have let bad actors run their own code. They might further exfiltrate sensitive data and even inject harmful code or dependencies into trusted branches. Importantly, the impacted repositories includes tibetanoak’s aws-sdk-js-v3, aws-lc, amazon-corretto-crypto-provider, awslabs/open-data-registry. Each of these projects had put in place an ACTOR_ID filter, with the goal of restricting contributions to the most trusted contributors.
Flaws in the ACTOR_ID Filter
The ACTOR_ID filter had a “fatal flaw.” This was due to the fact that the regex match didn’t have the important begin and end anchors. Instead, this oversight rendered the filter completely useless. Therefore, any GitHub user ID that were a superstring of an approved ID would circumvent the limits. GitHub’s numeric user IDs, which are assigned sequentially and currently span nine digits, can be eclipsed approximately every five days by a trusted maintainer’s six-digit ID.
Wiz researchers emphasized the implications of such vulnerabilities, stating, “This vulnerability is a textbook example of why adversaries target CI/CD environments: a subtle, easily overlooked flaw that can be exploited for massive impact.” The dollar value of these workflows’ potential exploitation would give anyone with nefarious intent the keys to the kingdom of thousands of invaluable open-source projects.
“By abusing misconfigured workflows triggered via pull_request_target, adversaries could escalate from an untrusted forked pull request into remote code execution (RCE) on GitHub-hosted or even self-hosted runners,” – Roi Nisimi
Risks Associated with GitHub Actions Workflows
GitHub Actions workflows that use the pull_request_target trigger should never check out untrusted code unless it’s been validated as safe to do so. This story serves as an important reminder of the dangers possible in automated workflows, especially when they include contributions from third parties. Sysdig recently spotted similar secrets leakage vulnerabilities in GitHub Actions workflows. They provided an illustration of how attackers could weaponize these weaknesses to leak privileged GITHUB_TOKEN credentials.
The cost of attacking these overly permissive workflows would be catastrophic. Just one pull request from a fork, according to the initial report, was enough for attackers to obtain unauthorized access. The marriage of untrusted data and highly privileged credentials is a dangerous place for any breach that doesn’t involve initial access.
“By exploiting CodeBreach, attackers could have injected malicious code to launch a platform-wide compromise, potentially affecting not just the countless applications depending on the SDK, but the Console itself, threatening every AWS account,” – Yuval Avrahami and Nir Ohfeld
AWS Response and Mitigation Measures
In response to these revelations, AWS took responsibility for the highly specific vulnerabilities that had impacted the aforementioned repositories. The company clarified that the issues stemmed from project-specific misconfigurations in webhook actor ID filters rather than flaws within the CodeBuild service itself.
“We can confirm these were project-specific misconfigurations in webhook actor ID filters for these repositories and not an issue in the CodeBuild service itself,” – AWS
As organizations continue to integrate automation into their software development lifecycle, it is crucial they remain vigilant about security practices. Today’s modern development environments are more complicated, expansive and ever-changing than ever before. This complexity, combined with the dangers of untrusted data and privileged credentials, creates an environment where catastrophic breaches can occur.
Wiz researchers further noted that “This combination of complexity, untrusted data, and privileged credentials creates a perfect storm for high-impact breaches that require no prior access.” Their experiences illustrate the vital importance of rigorous validation processes. They make the case for periodic red-teaming to ensure bad actors don’t find weaknesses first.