A newly discovered attack vector in GitHub Actions artifacts, dubbed ArtiPACKED, could be exploited to take over repositories and gain access to organizations' cloud environments.
“A combination of misconfigurations and security flaws can make artifacts leak tokens, both of third party cloud services and GitHub tokens, making them available for anyone with read access to the repository to consume,” Palo Alto Networks Unit 42 researcher Yaron Avital said in a report published this week.
“This allows malicious actors with access to these artifacts the potential of compromising the services to which these secrets grant access.”
The cybersecurity company said it primarily observed the leakage of GitHub tokens (e.g., GITHUB_TOKEN and ACTIONS_RUNTIME_TOKEN), which could not only give malicious actors unauthorized access to the repositories, but also grant them the ability to poison the source code and get it pushed to production via CI/CD workflows.
Artifacts in GitHub allow users to share data between jobs in a workflow and persist that information for 90 days after the workflow has completed. This can include builds, log files, core dumps, test outputs, and deployment packages.
The security problem here is that, in the case of open-source projects, these artifacts are publicly available to anyone, making them a valuable resource for extracting secrets like GitHub access tokens.
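As an added example (not part of the article or of Unit 42's tooling), a small Python check a repository owner can run over an artifact zip before it is published. It flags a GITHUB_TOKEN-style installation token (`ghs_` prefix), a JWT such as ACTIONS_RUNTIME_TOKEN, and a git `extraheader` carrying the basic-auth credential that actions/checkout persists in `.git/config` by default; the sample archive and token values are constructed placeholders.

```python
"""Scan a GitHub Actions artifact (zip) for leaked credentials before publishing it."""
import base64
import io
import re
import zipfile

# GITHUB_TOKEN is issued as an installation token (ghs_ prefix); ACTIONS_RUNTIME_TOKEN
# is a JWT; actions/checkout stores "AUTHORIZATION: basic <base64>" in .git/config.
PATTERNS = {
    "github_token": re.compile(rb"\bghs_[A-Za-z0-9]{20,}\b"),
    "jwt": re.compile(rb"\beyJ[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}\b"),
    "git_extraheader_basic": re.compile(rb"AUTHORIZATION:\s*basic\s+([A-Za-z0-9+/=]+)", re.I),
}


def scan_artifact(zip_bytes: bytes) -> list[tuple[str, str]]:
    """Return (member_name, finding_kind) pairs for every suspicious string in the archive."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for member in zf.namelist():
            data = zf.read(member)
            for kind, pattern in PATTERNS.items():
                for match in pattern.finditer(data):
                    if kind == "git_extraheader_basic":
                        # Only report a basic header whose payload really wraps a token
                        # (actions/checkout encodes "x-access-token:<token>").
                        try:
                            decoded = base64.b64decode(match.group(1), validate=True)
                        except ValueError:
                            continue
                        if not decoded.startswith(b"x-access-token:"):
                            continue
                    findings.append((member, kind))
    return findings


def build_sample_artifact() -> bytes:
    """Constructed artifact: a checkout tree zipped wholesale, .git/config and logs included."""
    fake_token = "ghs_" + "A" * 36  # placeholder, not a real token
    basic = base64.b64encode(f"x-access-token:{fake_token}".encode()).decode()
    git_config = '[http "https://github.com/"]\n' f"\textraheader = AUTHORIZATION: basic {basic}\n"
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("build/app.bin", b"\x7fELF harmless bytes")
        zf.writestr(".git/config", git_config)
        zf.writestr("runner.log", b"GITHUB_TOKEN=ghs_" + b"B" * 36 +
                    b"\nrt=eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ4In0.c2lnbmF0dXJlcGFydA\n")
    return buf.getvalue()


if __name__ == "__main__":
    for member, kind in scan_artifact(build_sample_artifact()):
        print(f"{member}: {kind}")
```

Wiring this into the upload job (and failing the job on any finding) catches the whole-workspace upload that drags `.git/config` into an artifact.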
Notably, the artifacts were found to expose an undocumented environment variable called ACTIONS_RUNTIME_TOKEN, which has a lifespan of about six hours and could be used to replace an artifact with a malicious version before it expires.
This could then open an attack window for remote code execution when developers directly download and execute the rogue artifact, or when a subsequent workflow job is configured to run based on previously uploaded artifacts.
While GITHUB_TOKEN expires when the job ends, improvements made to the artifacts feature with version 4 meant that an attacker could exploit race condition scenarios to steal and use the token by downloading an artifact while a workflow run is in progress.
The stolen token could subsequently be used to push malicious code to the repository by creating a new branch before the pipeline job ends and the token is invalidated. However, this attack depends on the workflow having the “contents: write” permission.
Various open-source repositories related to Amazon Web Services (AWS), Google, Microsoft, Red Hat, and Ubuntu were found susceptible to the attack. GitHub, for its part, has categorized the issue as informational, leaving it to users to secure their uploaded artifacts themselves.
“GitHub’s deprecation of Artifacts V3 should prompt organizations using the artifacts mechanism to reevaluate the way they use it,” Avital said. “Overlooked elements like build artifacts often become prime targets for attackers.”