Vertex AI Vulnerability Exposes Google Cloud Data and Private Artifacts
https://thehackernews.com/2026/03/vertex-ai-vulnerability-exposes-google.html
Publish Date: 2026-03-31 09:09:00
Source Domain: thehackernews.com
Cybersecurity researchers have disclosed a security “blind spot” in Google Cloud’s Vertex AI platform that could allow artificial intelligence (AI) agents to be weaponized by an attacker to gain unauthorized access to sensitive data and compromise an organization’s cloud environment.
According to Palo Alto Networks Unit 42, the issue stems from how the Vertex AI permission model can be misused: by default, the service agent is scoped with excessive permissions, and an attacker can take advantage of that.
“A misconfigured or compromised agent can become a ‘double agent’ that appears to serve its intended purpose, while secretly exfiltrating sensitive data, compromising infrastructure, and creating backdoors into an organization’s most critical systems,” Unit 42 researcher Ofir Shaty said in a report shared with The Hacker News.
Specifically, the cybersecurity company found that the Per-Project, Per-Product Service Agent (P4SA) associated with a deployed AI agent built using Vertex AI’s Agent Development Kit (ADK) had excessive permissions granted by default. This opened the door to a scenario where the P4SA’s default permissions could be used to extract the credentials of a service agent and conduct actions on its behalf.
After deploying the Vertex agent via Agent Engine, any call to the agent invokes Google’s metadata service and exposes the credentials of the service agent, along with the Google Cloud Platform (GCP) project that hosts the AI agent, the identity of the AI agent, and the scopes of the machine that hosts the AI agent.
Unit 42 said it was able to use the stolen credentials to jump from the AI agent’s execution context into the customer project, effectively undermining isolation guarantees and permitting unrestricted read access to all Google Cloud Storage buckets’ data within that project.
“This level of access constitutes a significant security risk, transforming the AI agent from a helpful tool into a…
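A defender-side check for the over-permissioning described above, as an added example that is not from Unit 42 or Google: it reads a project IAM policy in the JSON form printed by `gcloud projects get-iam-policy PROJECT_ID --format=json` and lists service-agent members whose roles include Cloud Storage object read, or whose service-agent role needs manual inspection. The member pattern, the role list, the function name and the sample policy are assumptions constructed for illustration.

```python
import re

# Assumption: per-project, per-product service agents use this address shape.
SERVICE_AGENT = re.compile(
    r"^serviceAccount:service-\d+@gcp-sa-[a-z0-9-]+\.iam\.gserviceaccount\.com$")

# Predefined roles that include storage.objects.get. Bound at project level
# without a condition, they cover every bucket in the project.
STORAGE_READ_ROLES = {
    "roles/storage.objectViewer", "roles/storage.objectUser",
    "roles/storage.objectAdmin", "roles/storage.admin",
}

def audit_service_agents(policy):
    """Return (member, role, finding) tuples for service-agent bindings."""
    findings = []
    for binding in policy.get("bindings", []):
        role = binding["role"]
        scoped = "condition" in binding  # an IAM condition narrows the grant
        for member in binding.get("members", []):
            if not SERVICE_AGENT.match(member):
                continue
            if role in STORAGE_READ_ROLES:
                kind = "storage-read-conditional" if scoped else "storage-read-all-buckets"
            elif role.lower().endswith("serviceagent"):
                kind = "review-service-agent-role"  # bundled permissions, inspect them
            else:
                continue
            findings.append((member, role, kind))
    return findings

# Constructed sample policy (project number and members are made up).
AGENT = "serviceAccount:service-123456789012@gcp-sa-aiplatform.iam.gserviceaccount.com"
SAMPLE_POLICY = {"bindings": [
    {"role": "roles/aiplatform.serviceAgent", "members": [AGENT]},
    {"role": "roles/storage.objectViewer", "members": ["user:analyst@example.com", AGENT]},
    {"role": "roles/storage.objectAdmin", "members": [AGENT],
     "condition": {"title": "staging-only", "expression":
                   'resource.name.startsWith("projects/_/buckets/agent-staging")'}},
    {"role": "roles/logging.logWriter", "members": [AGENT]},
]}

if __name__ == "__main__":
    for finding in audit_service_agents(SAMPLE_POLICY):
        print(*finding, sep="\t")
```

Roles reported as `review-service-agent-role` can be expanded with `gcloud iam roles describe ROLE` to see whether they carry storage permissions.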