IAM privilege escalation in multiple GCP services

Published Sun, Nov 22nd, 2020


Composer, Dataflow, Dataproc, Dataprep and Data Fusion all used the Compute Engine default service account by default and relied on product-level IAM permissions without requiring the iam.serviceAccounts.actAs permission, meaning that users of these services could elevate their privileges to those of that service account. Following disclosure, GCP changed these services to require this permission.
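As an added defender-side example (not part of the original advisory), the following Python audits a project IAM policy for the exposure described above: it checks whether the default Compute Engine service account holds Owner or Editor, then lists principals who can launch jobs on the affected services, split by whether they also hold a project-level role carrying iam.serviceAccounts.actAs. The sample policy, the project number, the principals and the list of job-launch roles are assumptions.

```python
import json
import re

# Constructed sample in the shape of `gcloud projects get-iam-policy PROJECT --format=json`;
# the project number 123456789012 and all principals are made up.
SAMPLE_POLICY = json.loads("""
{"bindings": [
  {"role": "roles/editor",
   "members": ["serviceAccount:123456789012-compute@developer.gserviceaccount.com"]},
  {"role": "roles/dataflow.developer", "members": ["user:analyst@example.com"]},
  {"role": "roles/dataproc.editor",
   "members": ["group:data-eng@example.com", "user:admin@example.com"]},
  {"role": "roles/iam.serviceAccountUser", "members": ["user:admin@example.com"]}
]}
""")

DEFAULT_COMPUTE_SA = re.compile(r"^serviceAccount:\d+-compute@developer\.gserviceaccount\.com$")
PRIMITIVE_ROLES = {"roles/owner", "roles/editor"}
# Project-level roles carrying iam.serviceAccounts.actAs (grants on the SA itself are not modelled).
ACT_AS_ROLES = {"roles/owner", "roles/editor", "roles/iam.serviceAccountUser"}
# Roles that let a principal submit work to the affected services (assumed list; adjust as needed).
JOB_LAUNCH_ROLES = {"roles/composer.user", "roles/dataflow.developer", "roles/dataproc.editor",
                    "roles/dataprep.user", "roles/datafusion.editor"}

def members_by_role(policy):
    """Collapse bindings into {role: set(members)}, merging repeated (e.g. conditional) bindings."""
    out = {}
    for binding in policy.get("bindings", []):
        out.setdefault(binding["role"], set()).update(binding.get("members", []))
    return out

def audit_default_sa_exposure(policy):
    """Bucket job-launching principals when the default compute SA holds Owner/Editor.
    'escalation_pre_fix': launch role without actAs; before GCP's fix such principals could run
    code as the privileged SA. 'by_design': launch role plus actAs; they still can, so the
    remaining fix is a least-privilege SA for these services instead of the Editor default.
    """
    roles = members_by_role(policy)
    sa_privileged = any(DEFAULT_COMPUTE_SA.match(m) for r in PRIMITIVE_ROLES for m in roles.get(r, ()))
    result = {"default_sa_privileged": sa_privileged, "escalation_pre_fix": {}, "by_design": {}}
    if not sa_privileged:
        return result
    can_act_as = set().union(*(roles.get(r, set()) for r in ACT_AS_ROLES))
    for role in sorted(JOB_LAUNCH_ROLES):
        for member in sorted(roles.get(role, ())):
            bucket = "by_design" if member in can_act_as else "escalation_pre_fix"
            result[bucket].setdefault(member, []).append(role)
    return result
```

Run it against a real policy export to see who still inherits the default service account's project-wide privileges by design; that list is the argument for replacing the Editor-bearing default with a narrowly scoped service account.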

Affected Services

Composer, Dataflow, Dataproc, Dataprep, Data Fusion


None required

Tracked CVEs

No tracked CVEs


Disclosure Date
Mon, Jun 3rd, 2019
Exploitability Period
Ongoing, partially fixed in June 2020
Known ITW Exploitation
Detection Methods
Piercing Index Rating
Discovered by
Allison Donovan, Dylan Ayrey