GitHub Vulnerability ‘ArtiPACKED’ Exposes Repositories to Potential Takeover
A recently disclosed attack vector in GitHub Actions artifacts, dubbed ArtiPACKED, could let attackers take over repositories and gain access to organizations’ cloud environments.
“Mixing misconfigurations with security vulnerabilities can result in artifacts leaking tokens, including those of third-party cloud services and GitHub tokens, which can then be accessed by anyone with read privileges to the repository,” stated Yaron Avital, a researcher at Palo Alto Networks Unit 42, in a report released this week.
“This situation gives malicious actors possessing these artifacts the opportunity to compromise the services that these secrets provide access to.”
The cybersecurity firm noted that it primarily observed the exposure of GitHub tokens (for instance, GITHUB_TOKEN and ACTIONS_RUNTIME_TOKEN), which not only grants malicious actors unauthorized access to repositories but also lets them poison the source code and push it to production through CI/CD pipelines.
With GitHub artifacts, users can share data between jobs in a workflow and keep that data for up to 90 days after the run completes. This data may contain builds, log files, core dumps, test results, and deployment packages.
The issue lies in the fact that these artifacts are publicly accessible in the case of open-source projects, turning them into a valuable resource for retrieving secrets such as GitHub access tokens.
Specifically, the artifacts were found to expose an undocumented environment variable named ACTIONS_RUNTIME_TOKEN, which has a lifespan of approximately six hours and could be used to replace an artifact with a malicious version before it expires.
This could open the door to remote code execution when developers directly download and run the compromised artifact, or when a subsequent workflow job is set to trigger on previously uploaded artifacts.
Although GITHUB_TOKEN is invalidated when the job ends, changes introduced with version 4 of the artifacts feature allowed attackers to exploit scenarios in which they could steal and use the token by fetching an artifact while the workflow run was still in progress.

The stolen token could then be used to push malicious code into the repository by creating a new branch before the pipeline job finishes and the token is invalidated. This attack, however, depends on the workflow having the “contents: write” permission.
Several open-source repositories belonging to Amazon Web Services (AWS), Google, Microsoft, Red Hat, and Ubuntu have been identified as vulnerable to this exploit. GitHub, for its part, has classified the issue as informational, emphasizing that users are responsible for securing the artifacts they upload.
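One defensive check that follows from this, added here as an example and not code from Unit 42 or GitHub: a pre-upload scan, run as a workflow step before actions/upload-artifact, that fails the job if the directory about to be uploaded contains anything matching GitHub’s token formats or the literal value of GITHUB_TOKEN or ACTIONS_RUNTIME_TOKEN. The token-prefix regex and the file names in demo() are assumptions; the token values are constructed and fake.

```python
import os
import re
import tempfile
from pathlib import Path

# Token formats a leaked GITHUB_TOKEN or personal access token would match:
# ghs_ is the installation token handed to jobs as GITHUB_TOKEN; ghp_, gho_,
# ghu_ and ghr_ are personal, OAuth, user-to-server and refresh tokens.
GITHUB_TOKEN_RE = re.compile(r"\bgh[pousr]_[A-Za-z0-9]{36,255}\b")

# Runner-supplied variables whose raw values must never reach an artifact.
SENSITIVE_ENV_VARS = ("GITHUB_TOKEN", "ACTIONS_RUNTIME_TOKEN")


def scan_text(text, secret_values):
    """Return (kind, redacted hint) pairs for every secret found in text."""
    hits = [("github-token-pattern", m.group(0)[:8] + "...")
            for m in GITHUB_TOKEN_RE.finditer(text)]
    hits += [(name, "literal value present")
             for name, value in secret_values.items() if value and value in text]
    return hits


def scan_artifact_dir(root, env=None):
    """Map each file under root that leaks a secret to its findings."""
    env = os.environ if env is None else env
    secret_values = {name: env.get(name) for name in SENSITIVE_ENV_VARS}
    report = {}
    for path in Path(root).rglob("*"):
        if path.is_file():
            text = path.read_bytes().decode("utf-8", errors="replace")
            hits = scan_text(text, secret_values)
            if hits:
                report[str(path.relative_to(root))] = hits
    return report


def demo():
    """Scan a constructed artifact tree; both token values are fake."""
    env = {"GITHUB_TOKEN": "ghs_" + "A" * 36,
           "ACTIONS_RUNTIME_TOKEN": "constructed.runtime.token.value"}
    root = Path(tempfile.mkdtemp())
    (root / "build.log").write_text(f"Authorization: token {env['GITHUB_TOKEN']}\n")
    (root / "env-dump.txt").write_text(f"ACTIONS_RUNTIME_TOKEN={env['ACTIONS_RUNTIME_TOKEN']}\n")
    (root / "report.xml").write_text("<testsuite tests='3' failures='0'/>\n")
    return scan_artifact_dir(root, env)


if __name__ == "__main__":
    # A non-zero exit fails the job, so nothing leaks to actions/upload-artifact.
    raise SystemExit(1 if demo() else 0)
```

In a real workflow, call scan_artifact_dir on the upload path with the runner’s own environment rather than demo().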
“GitHub’s discontinuation of Artifacts V3 should urge organizations utilizing the artifacts mechanism to reassess their implementation,” Avital commented. “Often overlooked assets such as build artifacts tend to become attractive targets for attackers.”