Listen to this Post
The `@hulumi/drift` package before version 1.3.2 contained a flaw in its orphan resource reconciliation logic. An “orphan reconciler” is a component that handles cloud resources no longer managed by Pulumi. The vulnerability allowed the reconciler to accept and act upon externally supplied “execute plans” – detailed instructions on how to modify or delete these orphan resources – without validating the plan’s provenance (origin or authenticity). This is a classic case of CWE-345: Insufficient Verification of Data Authenticity.
How it works:
- An attacker crafts a malicious `ExecutePlan` object containing dangerous reconciliation commands (e.g.,
DELETE,UPDATE, or `CREATE` of cloud resources). - The attacker supplies this plan to the orphan reconciler’s API endpoint or a function that accepts external input, such as a webhook or a CI/CD trigger.
- The vulnerable code in `@hulumi/drift` versions before 1.3.2 fails to check the plan’s digital signature, source IP, or any other provenance metadata.
- The reconciler then executes the plan as if it were a trusted, internally generated instruction.
- This could lead to unauthorized infrastructure changes, data deletion, or resource creation, bypassing all normal governance and security controls.
The fix in version 1.3.2 introduces provenance validation (e.g., checking SLSA attestations or a trusted plan ID) and rejects any plan that cannot be cryptographically verified.
dailycve form
Platform: `@hulumi/drift` npm
Version: `< 1.3.2`
Vulnerability: Insufficient provenance verification
Severity: High
Date: 2026-05-15
Prediction: Patch already released (1.3.2)
What Undercode Say:
Check installed version npm list @hulumi/drift Upgrade to patched version npm install @hulumi/[email protected] Verify provenance (SLSA Level 3) npm audit signatures --package @hulumi/drift
// Vulnerable code (pre-1.3.2)
class OrphanReconciler {
acceptExecutePlan(plan: ExecutePlan) {
// No provenance check
this.execute(plan);
}
}
// Fixed code (1.3.2+)
class OrphanReconciler {
acceptExecutePlan(plan: ExecutePlan) {
if (!this.verifyProvenance(plan)) {
throw new Error("Untrusted plan rejected");
}
this.execute(plan);
}
}
Exploit:
- Craft a malicious `ExecutePlan` JSON with a `DELETE` operation on a critical S3 bucket.
2. Send it to the orphan reconciler endpoint:
`POST /api/v1/orphan/execute`
`Content-Type: application/json`
`Body: {“plan”: {“type”: “DELETE”, “resource”: “arn:aws:s3:::critical-bucket”}}`
- The vulnerable `@hulumi/drift` version executes the plan, deleting the bucket.
Protection from this CVE
- Immediate: Upgrade to `@hulumi/[email protected]` or later.
- Mitigation: Block external access to the orphan reconciler API until upgrade is complete.
- Defense-in-depth: Enable network policies and API authentication even after patching.
Impact
- Direct: Unauthorized cloud resource deletion, modification, or creation.
- Risk: Complete compromise of infrastructure-as-code state, data loss, and bypass of change management controls.
- Scope: All applications using `@hulumi/drift` versions `< 1.3.2` with an externally accessible orphan reconciler.
🎯Let’s Practice Exploiting & Learn Patching For Free:
Sources:
Reported By: github.com
Extra Source Hub:
Undercode

