Cybersecurity researchers have identified a critical vulnerability in continuous integration and continuous deployment (CI/CD) workflows, dubbed ‘Cordyceps,’ which exposes over 300 high-profile GitHub repositories to potential supply-chain attacks. This flaw allows unauthenticated attackers to hijack workflows, execute arbitrary code, and steal sensitive credentials, posing significant risks to major organizations, including Microsoft, Google, Apache, and Cloudflare.
Understanding the Cordyceps Vulnerability
The Cordyceps vulnerability stems from misconfigured CI/CD workflows that grant excessive permissions to pull requests (PRs). In standard development practices, PRs are used to propose code changes before merging them into the main project. However, when these PRs can trigger privileged workflows without proper restrictions, they become vectors for command injection and privilege escalation.
For instance, in Microsoft’s Azure Sentinel repository, a simple comment on a PR could enable an attacker to execute code within the CI environment and extract a non-expiring GitHub App key. Similarly, in Google’s AI Agent Development Kit (‘adk-samples’), a PR could be manipulated to run attacker-controlled code, granting full control over a Google Cloud repository.
Broader Implications and Affected Projects
The impact of the Cordyceps vulnerability is widespread, affecting numerous high-profile projects:
- Apache Doris: Two zero-click attacks allow a single comment or a forked PR to execute attacker code, leading to the exfiltration of hard-coded CI credentials or tokens with full write permissions.
- Cloudflare Workers SDK: A PR with a crafted branch name can run arbitrary commands on Cloudflare’s CI runners.
- Python Software Foundation’s Black: A single PR from any user could execute attacker code on Black’s build systems, enabling the theft of automation tokens used to approve PRs.
Following responsible disclosure, Microsoft and Google have acknowledged the impact, while Cloudflare, Python, and Apache have implemented patches and hardened their workflows to mitigate the risk.
This vulnerability underscores the critical need for organizations to audit and secure their CI/CD configurations. As software supply chains become increasingly complex, ensuring that untrusted data does not cross trust boundaries without proper validation is essential. Developers and security teams must collaborate to identify and rectify such misconfigurations to prevent potential exploitation.
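An added example (not from the researchers or any affected project) of the kind of audit described above: a standard-library Python check that flags workflows where a privileged event expands contributor-controlled values into a `run:` step or checks out PR code. The article names no specific triggers or expressions; `pull_request_target`, `issue_comment` and the listed `github.*` contexts are assumed here as the documented GitHub Actions cases, and both sample workflows are constructed.

```python
import re

# Events that run with the base repo's token and secrets (assumed scope).
PRIVILEGED_EVENT = re.compile(r"\b(pull_request_target|issue_comment)\b")
# Expression contexts whose value the PR author or commenter chooses.
UNTRUSTED = re.compile(r"\$\{\{\s*(github\.head_ref|github\.event\.(?:comment\.body|"
    r"issue\.(?:title|body)|pull_request\.(?:title|body|head\.(?:ref|sha))))\s*\}\}")
RUN_KEY = re.compile(r"^(\s*(?:-\s+)?)run:")
REF_KEY = re.compile(r"^\s*ref:")

def audit_workflow(text):
    """Return (line_no, rule, expression) findings for one workflow file."""
    if not PRIVILEGED_EVENT.search(text):
        return []  # plain pull_request runs from forks get no secrets; out of scope
    findings, run_col = [], None
    for no, line in enumerate(text.splitlines(), 1):
        indent = len(line) - len(line.lstrip())
        m = RUN_KEY.match(line)
        if m:
            run_col = len(m.group(1))        # column of the run: key
        elif run_col is not None and line.strip() and indent <= run_col:
            run_col = None                   # left the run: block
        for expr in UNTRUSTED.finditer(line):
            if run_col is not None:          # expanded into shell text before it runs
                findings.append((no, "script-injection", expr.group(1)))
            elif REF_KEY.match(line):        # privileged job checks out PR code
                findings.append((no, "untrusted-checkout", expr.group(1)))
    return findings

# Constructed sample workflows (not taken from any affected repository).
RISKY = """\
on:
  issue_comment:
jobs:
  triage:
    runs-on: ubuntu-latest
    steps:
      - run: echo "Comment ${{ github.event.comment.body }}"
"""
HARDENED = """\
on:
  issue_comment:
jobs:
  triage:
    runs-on: ubuntu-latest
    steps:
      - env:
          COMMENT: ${{ github.event.comment.body }}
        run: echo "Comment $COMMENT"
"""
```

The hardened sample passes because the comment text reaches the shell through an environment variable instead of being expanded into the script before it runs.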