Critical vulnerabilities in Google Looker allow developer-level paths to full compromise

Tenable researchers identified a pair of vulnerabilities in the Looker business intelligence platform that combined to create a high-risk attack chain. An attacker who already holds developer-level credentials in a targeted instance could exploit one flaw to execute arbitrary code on the underlying systems and use the other to siphon the platform’s internal MySQL contents. The result is a potential path to full administrative control: secrets can be stolen, dashboards and data altered, and attackers can attempt lateral movement into broader corporate networks. In cloud-hosted Looker, the flaws carried the additional danger of crossing tenant boundaries, increasing blast radius in multi-tenant deployments. Google deployed fixes to its managed cloud service in late September 2025, and the vendor reported no evidence of active exploitation at the time of the patch. That mitigation reduces exposure for customers who rely on Google’s managed service, but self-hosted instances remain at risk until operators apply the corrected Looker release. From a defensive perspective, the incident underscores two recurring themes: privileged developer accounts are a frequent blind spot, and application-layer flaws that enable both code execution and data exfiltration accelerate an attacker from foothold to full compromise. Organizations should treat developer-level credentials as high-value assets, enforce least privilege, and apply network segmentation to limit the impact of any single compromised application. Detection controls should emphasize anomalous queries and unusual process launches tied to the analytics stack, while response plans must include secret rotation and integrity checks on data models and dashboards. For enterprises using on-premise Looker, fast patching is the primary technical fix; for cloud customers, continuous monitoring and tenant isolation controls remain important. Compliance and incident reporting teams should evaluate whether any sensitive datasets were reachable through affected instances, as exposures could trigger regulatory obligations. The combination of execution and data extraction capabilities elevates these flaws to critical status for data-heavy organizations that centralize analytics platforms.