Google Vertex AI SDK Flaw Let Attackers Hijack Model Uploads via Bucket Squatting
A security flaw in the Google Vertex AI SDK enabled attackers to hijack model uploads via a bucket squatting technique. The vulnerability, reported by The Hacker News, allowed adversaries to intercept or replace machine learning models during the upload process to Google Cloud Storage buckets. Because bucket names are global, an attacker who registered a predictable bucket name before the legitimate owner had created it could receive the uploads destined for it and potentially inject malicious models into the supply chain of AI systems relying on Vertex AI. This could lead to compromised model integrity and downstream attacks on applications using those models. The exact impact and affected versions were not detailed in the source, but the flaw underscores risks in cloud-based AI development pipelines.
Attackers could inject malicious models into AI supply chains via Vertex AI uploads.
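A defensive pre-upload check against this class of flaw, as an added example that is not code from the original article or from Google's SDK: before staging a model, confirm that the target bucket already exists and is owned by the expected project number, and fail closed rather than creating a missing bucket on the fly. The `FakeClient` and project numbers are constructed stand-ins; the real `google.cloud.storage.Client.lookup_bucket()` and `Bucket.project_number` are assumed to behave the same way.

```python
"""Pre-upload guard against GCS bucket squatting (constructed example).

Assumption: the caller already knows which project number should own the
staging bucket. Bucket names are global, so a bucket with the right name may
belong to someone else, and a missing bucket must never be created implicitly
by the upload path, because a third party may have already claimed the name.
"""
from dataclasses import dataclass
from typing import Optional, Protocol


@dataclass(frozen=True)
class BucketInfo:
    name: str
    project_number: int


class BucketLookup(Protocol):
    """Minimal interface mirroring storage.Client.lookup_bucket (assumed)."""
    def lookup_bucket(self, name: str) -> Optional[BucketInfo]: ...


class BucketNotOwnedError(RuntimeError):
    """Raised when the staging bucket is missing or owned by another project."""


def verify_staging_bucket(client: BucketLookup, name: str, expected_project_number: int) -> BucketInfo:
    info = client.lookup_bucket(name)
    if info is None:
        # Fail closed: never auto-create; a missing bucket is a squattable name.
        raise BucketNotOwnedError(f"bucket {name!r} does not exist; refusing to create it implicitly")
    if info.project_number != expected_project_number:
        raise BucketNotOwnedError(
            f"bucket {name!r} is owned by project {info.project_number}, expected {expected_project_number}")
    return info


class FakeClient:
    """Constructed offline stand-in for google.cloud.storage.Client."""
    def __init__(self, buckets):
        self._buckets = {b.name: b for b in buckets}

    def lookup_bucket(self, name: str) -> Optional[BucketInfo]:
        return self._buckets.get(name)


def demo() -> dict:
    """Run the guard over three constructed cases: ours, someone else's, not yet created."""
    client = FakeClient([BucketInfo("my-project-vertex-staging", 123456789),
                         BucketInfo("other-team-vertex-staging", 987654321)])
    results = {}
    for bucket in ("my-project-vertex-staging", "other-team-vertex-staging", "not-created-yet"):
        try:
            verify_staging_bucket(client, bucket, 123456789)
            results[bucket] = "ok"
        except BucketNotOwnedError:
            results[bucket] = "refused"
    return results
```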