The Dark Side of Flexibility: Detecting Risky Permission Chaining Attacks in Serverless Applications
Xunqi Liu
Network and Distributed System Security (NDSS) Symposium 2026 · Day 3 · Cloud Security
**Serverless computing** decomposes applications into small, event-driven functions that execute independently within their own permission boundaries. While IAM policies evaluate each function's permissions in isolation, the decentralized, dynamic nature of serverless execution creates **cross-function and cross-account permission chaining attacks** that centralized IAM systems cannot detect. This talk reveals a fundamental **architectural mismatch** between centralized, static permission management (IAM) and decentralized, dynamic function execution -- a mismatch that enables attackers who compromise a single function to escalate privileges across accounts by chaining individually acceptable permissions through **resource sharing mechanisms** like cross-account Lambda layer publishing. The researchers identified **28 risky applications** across two major cloud vendor serverless repositories, received **12 confirmations**, multiple **CVEs**, and **security bounties** from Google and other vendors.
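A defender-side check for the layer-sharing mechanism named above, added here as an example and not code from the talk or any cloud vendor: it flags layer-version policies shared with everyone or with accounts outside a trusted set, and functions that load layers from an account they should not trust, which are the two ends of a cross-account chain. The policy and function records are constructed samples in the shape of the parsed AWS Lambda `get-layer-version-policy` and `get-function-configuration` responses; the account ids and names are placeholders.

```python
# Added example, not from the paper or any vendor tool. Flags the two ends of a
# cross-account layer chain: a layer shared too broadly, and a function that
# loads a layer from an account it should not trust.
def arn_account(arn: str) -> str:
    """Account id field of an ARN (arn:partition:service:region:account:...)."""
    return arn.split(":")[4]

def principal_accounts(principal) -> set:
    """Normalise a policy Principal to account ids; '*' means any principal."""
    if principal == "*":
        return {"*"}
    vals = principal.get("AWS", []) if isinstance(principal, dict) else principal
    vals = [vals] if isinstance(vals, str) else vals
    return {"*" if v == "*" else v if v.isdigit() else arn_account(v) for v in vals}

def risky_layer_shares(layer_policy: dict, trusted: set) -> list:
    """Allow statements that let '*' or an account outside `trusted` fetch the layer."""
    findings = []
    for st in layer_policy.get("Statement", []):
        if st.get("Effect") != "Allow":
            continue
        actions = st["Action"] if isinstance(st["Action"], list) else [st["Action"]]
        if not any(a in ("lambda:GetLayerVersion", "lambda:*", "*") for a in actions):
            continue
        untrusted = principal_accounts(st["Principal"]) - trusted
        if untrusted:
            findings.append({"sid": st.get("Sid"), "resource": st["Resource"],
                             "granted_to": sorted(untrusted)})
    return findings

def foreign_layers(function_cfg: dict, trusted: set) -> list:
    """Layer ARNs the function loads from an account other than its own or a trusted one."""
    own = arn_account(function_cfg["FunctionArn"])
    return [layer["Arn"] for layer in function_cfg.get("Layers", [])
            if arn_account(layer["Arn"]) not in trusted | {own}]

# Constructed samples (placeholder account ids) in the shape of the parsed
# get-layer-version-policy and get-function-configuration responses.
SAMPLE_LAYER_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Sid": "partner", "Effect": "Allow", "Action": "lambda:GetLayerVersion",
     "Principal": {"AWS": "arn:aws:iam::222222222222:root"},
     "Resource": "arn:aws:lambda:us-east-1:111111111111:layer:shared-utils:3"},
    {"Sid": "public", "Effect": "Allow", "Action": "lambda:GetLayerVersion",
     "Principal": "*",
     "Resource": "arn:aws:lambda:us-east-1:111111111111:layer:shared-utils:3"}]}
SAMPLE_FUNCTION = {
    "FunctionArn": "arn:aws:lambda:us-east-1:222222222222:function:order-worker",
    "Layers": [{"Arn": "arn:aws:lambda:us-east-1:222222222222:layer:logging:1"},
               {"Arn": "arn:aws:lambda:us-east-1:111111111111:layer:shared-utils:3"}]}
```

Run both checks over every layer version and function in each account; a layer that is flagged by `risky_layer_shares` in one account and consumed by a function flagged by `foreign_layers` in another is a concrete chain to review.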
AI review
Identifies a fundamental architectural mismatch between centralized IAM and decentralized serverless execution that enables cross-account privilege escalation through permission chaining. Real-world validated with CVEs and bounties from Google. Directly useful for cloud attack operators and red teams.