GCP - Composer Privesc
composer
composer.environments.create
composer.environments.create
It's possible to attach any service account to the newly create composer environment with that permission. Later you could execute code inside composer to steal the service account token.
More info about the exploitation here.
Last updated