ConfusedComposer: A Privilege Escalation Vulnerability Impacting GCP Composer
ID: 08c98211-3dbc-52cf-9778-ce03e10634db
STIX ID: report--08c98211-3dbc-52cf-9778-ce03e10634db
Feed Name: Tenable Blog
Tenable Research disclosed "ConfusedComposer," a privilege-escalation flaw in GCP where updating a Cloud Composer environment to add a malicious PyPI package could cause Cloud Build to run attacker-controlled installation scripts, expose the default Cloud Build service account token, and enable full project takeover; GCP has changed Composer to use the environment service account for PyPI installs, updated documentation, and rolled fixes to new instances with updates for existing instances scheduled by April 2025.
