Instances should not have IP forwarding enabled
| Property | Value |
|---|---|
| Language | |
| Severity | |
| Service | compute |
| Provider | |
| Vulnerability Type | misconfiguration |
Description
Enabling IP forwarding on Google Compute instances allows the VM to send and receive network packets that are not specifically addressed to or from its own IP address, which bypasses standard network isolation controls.
Impact
If exploited, attackers could use the instance to route or proxy unauthorized network traffic, potentially enabling lateral movement within the network, data exfiltration, or the compromise of other internal resources.
Resolution
Disable IP forwarding
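
To find the instances that need this resolution applied, the following added example (not part of the original page or of any scanner's own code) audits an instance inventory for the `canIpForward` field of the Compute Engine API. It assumes JSON shaped like the output of `gcloud compute instances list --format=json`; the sample inventory, the project name and the `APPROVED_ROUTERS` allowlist are constructed for illustration.

```python
import json

# Constructed sample shaped like `gcloud compute instances list --format=json`
# output (Compute Engine API field names); not data from a real project.
ZONES = "https://www.googleapis.com/compute/v1/projects/example-project/zones/"
SAMPLE_INVENTORY = json.dumps([
    {"name": "web-1", "zone": ZONES + "us-central1-a", "canIpForward": False,
     "networkInterfaces": [{"networkIP": "10.0.0.5"}]},
    {"name": "db-proxy-2", "zone": ZONES + "us-central1-a", "canIpForward": True,
     "networkInterfaces": [{"networkIP": "10.0.0.8"}]},
    {"name": "batch-7", "zone": ZONES + "us-central1-b", "canIpForward": True,
     "networkInterfaces": [{"networkIP": "10.0.1.9",
                            "accessConfigs": [{"natIP": "203.0.113.10"}]}]},
    {"name": "nat-gw-1", "zone": ZONES + "us-central1-b", "canIpForward": True,
     "networkInterfaces": [{"networkIP": "10.0.2.2"}]},
    {"name": "legacy-3", "zone": ZONES + "us-central1-c",  # field absent
     "networkInterfaces": [{"networkIP": "10.0.3.4"}]},
])

# Hypothetical allowlist of instances approved to route traffic.
APPROVED_ROUTERS = frozenset({"nat-gw-1"})


def audit_ip_forwarding(inventory_json, approved=APPROVED_ROUTERS):
    """Return findings for unapproved instances with canIpForward enabled."""
    findings = []
    for inst in json.loads(inventory_json):
        # Only an explicit boolean true counts; a missing field means disabled.
        if inst.get("canIpForward") is not True or inst["name"] in approved:
            continue
        nics = inst.get("networkInterfaces", [])
        external = [ac["natIP"] for nic in nics
                    for ac in nic.get("accessConfigs", []) if ac.get("natIP")]
        findings.append({
            "instance": inst["name"],
            "zone": inst.get("zone", "").rsplit("/", 1)[-1],
            "internal_ips": [nic.get("networkIP") for nic in nics],
            "external_ips": external,
        })
    # Instances that also hold an external IP are listed first for triage.
    return sorted(findings, key=lambda f: (not f["external_ips"], f["instance"]))


if __name__ == "__main__":
    for finding in audit_ip_forwarding(SAMPLE_INVENTORY):
        print(finding)
```
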