Lateral movement
Description
Lateral movement allows an attacker who has compromised one component to reach additional components within a service, or additional services within the system. It most often occurs when the attacker obtains a second identity (for example, a service account) whose permissions are broader than those of the identity they started with.
Risk: BOOST
This risk allows an attacker to significantly increase the scope of an attack, or the sensitivity of accessed systems.
Mitigations
- Use least-privileged access, so that a compromised identity cannot reach or impersonate identities with broader permissions
- Rotate service-account credentials
- Prevent unencrypted service-account credential storage
- Monitor for suspicious account access, such as unexpected service-account impersonation or key creation
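Of the mitigations above, monitoring is the easiest to show concretely. The Python below is an added example, not part of the P0 catalog or its tooling: it scans constructed Google Cloud audit-log entries (laid out like the Cloud Audit Logs `protoPayload`) for the two events that most often mark an attacker acquiring a second identity, impersonation of a service account through the IAM Credentials API and creation of a user-managed service-account key. The project name, principal addresses, caller IPs and the allow-list of expected impersonators are assumptions made for this example.

```python
"""
Added example (not from the P0 Security catalog): detect audit-log events that
indicate an attacker picking up a second, broader identity in Google Cloud.

Two common lateral-movement paths are covered:
  1. minting a short-lived token for a service account through the IAM
     Credentials API (methodName "GenerateAccessToken" and friends on
     iamcredentials.googleapis.com), and
  2. creating a long-lived user-managed key for a service account
     (methodName "google.iam.admin.v1.CreateServiceAccountKey").

Field names follow the Cloud Audit Logs protoPayload layout; the log lines,
project, principals, IPs and allow-list are constructed for the example.
"""
import json
from dataclasses import dataclass
from typing import Iterable, List, Optional

# Assumption: which principals are expected to impersonate which service
# accounts (e.g. a CI runner deploying as "deploy"). Anything else is flagged.
EXPECTED_IMPERSONATORS = {
    "deploy@example-prod.iam.gserviceaccount.com": {
        "ci-runner@example-prod.iam.gserviceaccount.com",
    },
}

IMPERSONATION_METHODS = {"GenerateAccessToken", "GenerateIdToken", "SignBlob", "SignJwt"}
KEY_CREATION_METHOD = "google.iam.admin.v1.CreateServiceAccountKey"


@dataclass(frozen=True)
class Finding:
    kind: str        # "unexpected-impersonation" or "service-account-key-created"
    principal: str   # identity the attacker already holds
    target_sa: str   # identity they are trying to acquire
    caller_ip: str


def _service_account_from_resource(resource_name: str) -> str:
    # resourceName is "projects/-/serviceAccounts/<email>" for the IAM
    # Credentials API and "projects/<id>/serviceAccounts/<email>" for IAM admin;
    # in both cases the last path element is the service-account e-mail.
    return resource_name.rsplit("/", 1)[-1]


def analyze_entry(entry: dict) -> Optional[Finding]:
    payload = entry.get("protoPayload", {})
    method = payload.get("methodName", "")
    principal = payload.get("authenticationInfo", {}).get("principalEmail", "")
    caller_ip = payload.get("requestMetadata", {}).get("callerIp", "")
    target = _service_account_from_resource(payload.get("resourceName", ""))

    if method in IMPERSONATION_METHODS and payload.get("serviceName") == "iamcredentials.googleapis.com":
        # Impersonation by a principal that is not on the allow-list for this
        # service account is the lateral-movement signature we care about.
        if principal not in EXPECTED_IMPERSONATORS.get(target, set()):
            return Finding("unexpected-impersonation", principal, target, caller_ip)
    elif method == KEY_CREATION_METHOD:
        # Key creation is always reported: it turns a transient foothold into a
        # durable, exportable credential that survives session revocation.
        return Finding("service-account-key-created", principal, target, caller_ip)
    return None


def analyze_log(lines: Iterable[str]) -> List[Finding]:
    findings = []
    for line in lines:
        line = line.strip()
        if line:
            finding = analyze_entry(json.loads(line))
            if finding is not None:
                findings.append(finding)
    return findings


# Constructed sample: one expected impersonation, one unexpected impersonation
# by a user account, one key creation, and one unrelated data-access event.
SAMPLE_LOG = """\
{"logName": "projects/example-prod/logs/cloudaudit.googleapis.com%2Fdata_access", "protoPayload": {"serviceName": "iamcredentials.googleapis.com", "methodName": "GenerateAccessToken", "resourceName": "projects/-/serviceAccounts/deploy@example-prod.iam.gserviceaccount.com", "authenticationInfo": {"principalEmail": "ci-runner@example-prod.iam.gserviceaccount.com"}, "requestMetadata": {"callerIp": "10.0.0.5"}}}
{"logName": "projects/example-prod/logs/cloudaudit.googleapis.com%2Fdata_access", "protoPayload": {"serviceName": "iamcredentials.googleapis.com", "methodName": "GenerateAccessToken", "resourceName": "projects/-/serviceAccounts/deploy@example-prod.iam.gserviceaccount.com", "authenticationInfo": {"principalEmail": "alice@example.com"}, "requestMetadata": {"callerIp": "203.0.113.7"}}}
{"logName": "projects/example-prod/logs/cloudaudit.googleapis.com%2Factivity", "protoPayload": {"serviceName": "iam.googleapis.com", "methodName": "google.iam.admin.v1.CreateServiceAccountKey", "resourceName": "projects/example-prod/serviceAccounts/deploy@example-prod.iam.gserviceaccount.com", "authenticationInfo": {"principalEmail": "alice@example.com"}, "requestMetadata": {"callerIp": "203.0.113.7"}}}
{"logName": "projects/example-prod/logs/cloudaudit.googleapis.com%2Fdata_access", "protoPayload": {"serviceName": "storage.googleapis.com", "methodName": "storage.objects.get", "resourceName": "projects/_/buckets/example-bucket/objects/report.csv", "authenticationInfo": {"principalEmail": "alice@example.com"}, "requestMetadata": {"callerIp": "203.0.113.7"}}}
"""


if __name__ == "__main__":
    for f in analyze_log(SAMPLE_LOG.splitlines()):
        print(f"{f.kind}: {f.principal} -> {f.target_sa} from {f.caller_ip}")
```

Run against the constructed sample, the script reports the user-account impersonation and the key creation, while the CI runner's expected impersonation and the unrelated storage read are left alone. In a real deployment the allow-list would come from an inventory of sanctioned workload identities rather than a literal in the script, and the two findings here would be correlated by principal and caller IP, since the same identity minting a token and then cutting a key for the target account is a stronger signal than either event alone.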
Links
Affected Privileges
An attacker may be able to exploit this risk if they gain any of the following privileges:
Google Cloud Platform
Kubernetes
Google Workspace
© 2023–present P0 Security and contributors to the IAM Privilege Catalog