@hulumi/drift: Orphan reconciler accepted externally supplied execute plans, GHSA-2ffm-hxrq-qqmm (High)

Listen to this Post

The `@hulumi/drift` package before version 1.3.2 contained a flaw in its orphan resource reconciliation logic. An “orphan reconciler” is a component that handles cloud resources no longer managed by Pulumi. The vulnerability allowed the reconciler to accept and act upon externally supplied “execute plans” – detailed instructions on how to modify or delete these orphan resources – without validating the plan’s provenance (origin or authenticity). This is a classic case of CWE-345: Insufficient Verification of Data Authenticity.

How it works:

  1. An attacker crafts a malicious `ExecutePlan` object containing dangerous reconciliation commands (e.g., DELETE, UPDATE, or `CREATE` of cloud resources).
  2. The attacker supplies this plan to the orphan reconciler’s API endpoint or a function that accepts external input, such as a webhook or a CI/CD trigger.
  3. The vulnerable code in `@hulumi/drift` versions before 1.3.2 fails to check the plan’s digital signature, source IP, or any other provenance metadata.
  4. The reconciler then executes the plan as if it were a trusted, internally generated instruction.
  5. This could lead to unauthorized infrastructure changes, data deletion, or resource creation, bypassing all normal governance and security controls.
    The fix in version 1.3.2 introduces provenance validation (e.g., checking SLSA attestations or a trusted plan ID) and rejects any plan that cannot be cryptographically verified.

dailycve form

Platform: `@hulumi/drift` npm
Version: `< 1.3.2` Vulnerability: Insufficient provenance verification Severity: High Date: 2026-05-15

Prediction: Patch already released (1.3.2)

What Undercode Say:

Check installed version
npm list @hulumi/drift
Upgrade to patched version
npm install @hulumi/[email protected]
Verify provenance (SLSA Level 3)
npm audit signatures --package @hulumi/drift
// Vulnerable code (pre-1.3.2)
class OrphanReconciler {
acceptExecutePlan(plan: ExecutePlan) {
// No provenance check
this.execute(plan);
}
}
// Fixed code (1.3.2+)
class OrphanReconciler {
acceptExecutePlan(plan: ExecutePlan) {
if (!this.verifyProvenance(plan)) {
throw new Error("Untrusted plan rejected");
}
this.execute(plan);
}
}

Exploit:

  1. Craft a malicious `ExecutePlan` JSON with a `DELETE` operation on a critical S3 bucket.

2. Send it to the orphan reconciler endpoint:

`POST /api/v1/orphan/execute`

`Content-Type: application/json`

`Body: {“plan”: {“type”: “DELETE”, “resource”: “arn:aws:s3:::critical-bucket”}}`

  1. The vulnerable `@hulumi/drift` version executes the plan, deleting the bucket.

Protection from this CVE

  • Immediate: Upgrade to `@hulumi/[email protected]` or later.
  • Mitigation: Block external access to the orphan reconciler API until upgrade is complete.
  • Defense-in-depth: Enable network policies and API authentication even after patching.

Impact

  • Direct: Unauthorized cloud resource deletion, modification, or creation.
  • Risk: Complete compromise of infrastructure-as-code state, data loss, and bypass of change management controls.
  • Scope: All applications using `@hulumi/drift` versions `< 1.3.2` with an externally accessible orphan reconciler.

🎯Let’s Practice Exploiting & Learn Patching For Free:

Sources:

Reported By: github.com
Extra Source Hub:
Undercode

🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]

💬 Whatsapp | 💬 Telegram

📢 Follow DailyCVE & Stay Tuned:

𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin Featured Image

Scroll to Top