catalog logoThe IAM Privilege Catalog

risks / Domain takeover

Description

Allows an attacker to arbitrarily route traffic on a domain or subdomain.

Risk: CRITICAL

Exploited in isolation, this risk has the potential to disrupt central organizational operations, destroy trust, or create significant liability. Alternatively, this risk gives attackers access to broadly provisioned identities that enable the above impacts (such as root privilege escalation risks).

Mitigations

  1. Restrict edit access to DNS records
  2. Use firewalls for internal networks

Links

  1. https:/​/​attack.mitre.org/​techniques/​T1584/​002/​
  2. https:/​/​attack.mitre.org/​techniques/​T1583/​002/​

Affected Privileges

An attacker may be able to exploit this risk if they gain any of the following privileges:

Google Cloud Platform

dns.gkeClusters.bindDNSResponsePolicy
dns.managedZones.delete
dns.networks.bindDNSResponsePolicy
dns.networks.bindPrivateDNSZone
dns.networks.targetWithPeeringZone
dns.resourceRecordSets.create
dns.resourceRecordSets.update
dns.responsePolicyRules.create
dns.responsePolicyRules.update
domains.registrations.configureDns
domains.registrations.configureManagement
© 2023–present P0 Security and contributors to the IAM Privilege Catalog