A security flaw in Google Cloud’s Document AI service may leave sensitive data in Cloud Storage buckets exposed to theft, according to Kat Traxler, a principal security researcher at Vectra AI. Although Google awarded a $3,133.70 bug bounty for the discovery, the company has yet to fully resolve the issue, raising concerns over data security.
Traxler first identified the vulnerability in April 2024 and demonstrated how overly broad permissions in Document AI’s batch processing mode can be used to bypass access controls. Batch jobs read their input and write their output with the permissions granted to the service’s own service agent rather than those of the caller, so a user who is allowed to start a batch job, but has no access to a given bucket, can still have its contents copied out of Google Cloud Storage to a location they control, potentially compromising sensitive information. Though Google initially labeled the issue “fixed” in June, Traxler disputes that claim, stating the misconfiguration still poses a threat.
To back that up, Traxler presented a proof-of-concept (PoC) in which she used the permissions assigned to Document AI’s service agent to extract and alter a PDF file stored in a Cloud Storage bucket that her own identity was not permitted to read. Despite Google’s assertions, Traxler maintains the problem persists: anyone able to invoke Document AI can still use the service’s pre-set permissions to reach restricted data.
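The practical check that follows from Traxler’s finding is an IAM review: who in a project can start a Document AI batch job without also holding direct read access to Cloud Storage, and what the Document AI service agent itself is allowed to do. The script below is an added example written for this article, not code from Traxler’s research, Vectra AI, or Google. It reads a project IAM policy in the JSON shape returned by `gcloud projects get-iam-policy PROJECT --format=json` and flags principals who gain transitive storage access through the batch-processing path. The permission names, the small role-to-permission table, the service agent e-mail suffix, and the sample policy are assumptions made for illustration and are marked as such in the code; in a real audit the role table should be populated from `gcloud iam roles describe`.

```python
"""Audit a GCP project IAM policy for transitive Cloud Storage access via Document AI.

Added example for this article; not Google's, Vectra AI's, or Traxler's code.
The permission names, role table and service agent address below are
assumptions chosen for illustration, not an authoritative copy of Google's roles.
"""
import json

# Assumption: the IAM permission that lets a principal start a batch job.
BATCH_PERMISSION = "documentai.processors.processBatch"
# Assumption: the direct permission needed to read object data from a bucket.
STORAGE_READ = "storage.objects.get"
# Assumption: address suffix of the Document AI service agent.
SERVICE_AGENT_SUFFIX = "@gcp-sa-prod-dai-core.iam.gserviceaccount.com"

# Constructed, heavily simplified role table. Real predefined roles contain many
# more permissions; populate this from `gcloud iam roles describe` in practice.
ROLE_PERMISSIONS = {
    "roles/documentai.apiUser": {"documentai.processors.process", BATCH_PERMISSION},
    "roles/documentai.viewer": {"documentai.processors.get"},
    "roles/storage.objectViewer": {STORAGE_READ, "storage.objects.list"},
}

# Constructed sample policy in the shape `gcloud projects get-iam-policy` emits.
SAMPLE_POLICY = {
    "bindings": [
        {"role": "roles/documentai.apiUser",
         "members": ["user:analyst@example.com",
                     "serviceAccount:ocr-pipeline@example-project.iam.gserviceaccount.com"]},
        {"role": "roles/storage.objectViewer",
         "members": ["serviceAccount:ocr-pipeline@example-project.iam.gserviceaccount.com"]},
        {"role": "roles/documentai.viewer",
         "members": ["user:auditor@example.com"]},
        # Assumed role name for the service agent's project-level binding.
        {"role": "roles/documentaicore.serviceAgent",
         "members": ["serviceAccount:service-123456789012" + SERVICE_AGENT_SUFFIX]},
    ]
}


def effective_permissions(policy, member):
    """Union of permissions a member gets from every role bound to it."""
    perms = set()
    for binding in policy["bindings"]:
        if member in binding["members"]:
            perms |= ROLE_PERMISSIONS.get(binding["role"], set())
    return perms


def find_transitive_storage_readers(policy):
    """Members who can start a batch job but cannot read objects directly.

    Such a member can still read any bucket the service agent can reach by
    pointing a batch job at it: the job runs with the agent's permissions, not
    the caller's, which is the access-control bypass the article describes.
    """
    members = {m for b in policy["bindings"] for m in b["members"]}
    flagged = []
    for member in sorted(members):
        perms = effective_permissions(policy, member)
        if BATCH_PERMISSION in perms and STORAGE_READ not in perms:
            flagged.append(member)
    return flagged


def service_agent_bindings(policy):
    """Roles bound at project level to the Document AI service agent.

    Anything granted here is what every batch job in the project effectively
    has, regardless of who started it.
    """
    result = {}
    for binding in policy["bindings"]:
        for member in binding["members"]:
            if member.endswith(SERVICE_AGENT_SUFFIX):
                result.setdefault(member, []).append(binding["role"])
    return result


if __name__ == "__main__":
    # Replace SAMPLE_POLICY with json.load(open("policy.json")) for a real project.
    print("Transitive storage readers:",
          json.dumps(find_transitive_storage_readers(SAMPLE_POLICY), indent=2))
    print("Service agent bindings:",
          json.dumps(service_agent_bindings(SAMPLE_POLICY), indent=2))
```

In the constructed policy the analyst holds only the Document AI user role, so the audit flags that account: it cannot read the bucket itself, yet a batch job it starts will. The OCR pipeline account is not flagged because it already has direct storage read access, which is the honest state to compare against. The second function surfaces the service agent’s own project-level grant, the other half of the problem, since every flagged principal inherits whatever that binding allows.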
The ongoing dispute underscores a broader point for cloud security teams: permission to invoke a managed service that acts under its own identity is, in effect, permission to do whatever that identity can do. Grants on Document AI and similar AI-driven services therefore deserve the same scrutiny as direct storage permissions, especially as organizations increasingly rely on such services to handle sensitive information.