Tenable Research, the research arm of Tenable Inc., a cybersecurity company, has found major security problems in Google Looker, a business tool used by more than 60,000 companies worldwide. These flaws could let hackers take control of Looker systems or steal sensitive company information.

The most serious issue is a remote code execution (RCE) flaw. It allows attackers to run their own commands on a Looker server, giving them full access to company data. In cloud setups, hackers could even reach other users’ data.

“This level of access is especially risky because Looker stores and manages a company’s critical information,” said Liv Matan, senior research engineer at Tenable, who led the discovery. “A breach could let attackers change data or move deeper into a company’s private network.”

The second flaw lets attackers steal Looker’s internal management database. Using a special technique, hackers could download sensitive login details and configuration information.

Google has fixed these issues on its own cloud service, but companies that run Looker on their own servers still need to apply security updates themselves. Without these patches, their systems remain vulnerable to attacks.

“Looker is often the heart of a company’s most important data. Protecting it is crucial, but it’s hard to make the system both powerful and secure,” Matan said.

Companies using Looker should check their systems for signs of hacking. This includes looking for unusual files in project folders and reviewing logs for strange errors or suspicious activity that could indicate an attack.
