Researchers from Aqua report AWS vulnerabilities
Take action: While AWS has fixed most of the issues, the practical guidelines for avoiding Shadow Resources still apply: use trusted buckets, verify bucket ownership, and avoid predictable bucket names.
In February 2024, a series of critical security vulnerabilities were identified across six AWS services, posing significant risks to organizations globally.
These vulnerabilities were rooted in a new attack vector called "Shadow Resources," where attackers could exploit automatically generated AWS assets, such as S3 buckets, often created without explicit user knowledge. Notably, two techniques, "Shadow Resource" and "Bucket Monopoly," were discovered, both of which could lead to resource squatting and significantly increase the success rate of an attack.
The affected services were:
- CloudFormation: Attackers could preemptively create S3 buckets with predictable names in regions not yet used by the victim. This allowed them to either cause a DoS attack or escalate to more severe outcomes, such as injecting malicious code into the victim's CloudFormation templates, potentially leading to account takeover.
- Glue: A predictable S3 bucket pattern was identified in Glue, allowing attackers to perform remote code execution (RCE) by injecting code into scripts stored in these buckets.
- EMR: Similar to CloudFormation, EMR Studio used predictable S3 bucket names. Attackers could exploit this to inject malicious code into Jupyter notebooks, leading to XSS attacks or credential theft.
- SageMaker: The SageMaker service created S3 buckets with predictable names. Attackers could intercept and manipulate sensitive data, leading to data leakage or the deployment of compromised models.
- ServiceCatalog: This service exhibited a vulnerability similar to CloudFormation, where attackers could inject malicious resources into ServiceCatalog products, potentially deploying backdoors or malicious roles.
- CodeStar: Although the service is slated for deprecation, a similar vulnerability was identified. Attackers could cause a DoS by pre-claiming S3 buckets needed by the service.
AWS responded to these vulnerabilities, patching them across all affected services. They implemented measures to prevent the pre-claiming of resources and notified users of any potentially impacted accounts.
While AWS has fixed these vulnerabilities, the underlying attack vector, "Shadow Resources," may still be applicable in other scenarios, including open-source projects. Users are advised to:
- Use trusted buckets: Implement scoped policies that restrict access to trusted S3 buckets only.
- Verify Bucket Ownership: Use the --expected-bucket-owner parameter to ensure the S3 buckets in use belong to your account.
- Avoid Predictable Bucket Names: Use random or hashed identifiers in bucket names to prevent preemptive claiming by attackers.
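The three recommendations above, worked through as an added example (this is not code from the Aqua report or from AWS). The account ID and bucket names are constructed placeholders, and `verify_bucket_owner` accepts any object with a `head_bucket()` method so it can be exercised without network access; with a real `boto3` S3 client it uses the `ExpectedBucketOwner` parameter, which is boto3's name for the `x-amz-expected-bucket-owner` header behind `--expected-bucket-owner`. The `s3:ResourceAccount` and `aws:ResourceAccount` condition keys are real IAM keys; the audit function `unscoped_s3_statements` is a simple heuristic of this example, not an AWS tool.

```python
"""Shadow Resource mitigations as code (added example, not the report's own).

1. trusted_bucket_policy     - scope S3 access to buckets owned by your account
2. unscoped_s3_statements    - detection: flag policy statements that don't
3. verify_bucket_owner       - fail closed if a bucket is owned by someone else
4. unpredictable_bucket_name - names an attacker cannot derive in advance
"""
import json
import re
import secrets
from typing import Any

# Constructed placeholder; AWS account IDs are 12 digits.
ACCOUNT_ID = "111122223333"

# S3 naming rules (3-63 chars, lowercase alphanumerics and hyphens here;
# dots are deliberately not allowed by this example).
BUCKET_NAME_RE = re.compile(r"^[a-z0-9][a-z0-9-]{1,61}[a-z0-9]$")


def trusted_bucket_policy(account_id: str, actions: list[str]) -> dict:
    """Build an IAM policy that allows the given S3 actions only on buckets
    owned by `account_id` (s3:ResourceAccount). A bucket pre-claimed by an
    attacker in another account never satisfies the condition, so the
    predictable-name trick yields AccessDenied instead of a foothold."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Sid": "OnlyBucketsWeOwn",
            "Effect": "Allow",
            "Action": actions,
            "Resource": "*",
            "Condition": {"StringEquals": {"s3:ResourceAccount": account_id}},
        }],
    }


def unscoped_s3_statements(policy: dict) -> list[str]:
    """Detection heuristic: return the Sids (or positions) of Allow statements
    that grant S3 actions on a wildcard resource without pinning the bucket's
    owning account via s3:ResourceAccount or aws:ResourceAccount."""
    findings = []
    for i, st in enumerate(policy.get("Statement", [])):
        if st.get("Effect") != "Allow":
            continue
        actions = st.get("Action", [])
        actions = [actions] if isinstance(actions, str) else actions
        resources = st.get("Resource", [])
        resources = [resources] if isinstance(resources, str) else resources
        touches_s3 = any(a == "*" or a.lower().startswith("s3:") for a in actions)
        wildcard = any(r == "*" or r.startswith("arn:aws:s3:::*") for r in resources)
        cond = json.dumps(st.get("Condition", {}))
        pinned = any(k in cond for k in ("s3:ResourceAccount", "aws:ResourceAccount"))
        if touches_s3 and wildcard and not pinned:
            findings.append(st.get("Sid", f"Statement[{i}]"))
    return findings


def verify_bucket_owner(s3_client: Any, bucket: str, account_id: str) -> bool:
    """Ownership check before any read/write: HeadBucket with
    ExpectedBucketOwner. S3 answers 403 when the bucket belongs to another
    account; boto3 raises ClientError with that code in exc.response."""
    try:
        s3_client.head_bucket(Bucket=bucket, ExpectedBucketOwner=account_id)
        return True
    except Exception as exc:  # botocore.exceptions.ClientError in practice
        response = getattr(exc, "response", None) or {}
        code = response.get("Error", {}).get("Code", "")
        if code in ("403", "AccessDenied", "Forbidden"):
            return False
        raise  # anything else (network, 404, ...) is not an ownership verdict


def unpredictable_bucket_name(prefix: str, region: str, entropy_bytes: int = 8) -> str:
    """Append a CSPRNG suffix so the name cannot be derived from public inputs
    such as the account ID or region. 8 bytes -> 16 hex characters."""
    suffix = secrets.token_hex(entropy_bytes)
    name = f"{prefix}-{region}-{suffix}".lower()
    if not BUCKET_NAME_RE.match(name):
        raise ValueError(f"invalid S3 bucket name: {name}")
    return name


if __name__ == "__main__":
    policy = trusted_bucket_policy(ACCOUNT_ID, ["s3:GetObject", "s3:PutObject"])
    print(json.dumps(policy, indent=2))
    print("findings in scoped policy:", unscoped_s3_statements(policy))
    print("example name:", unpredictable_bucket_name("cf-templates", "us-east-1"))
```

Attach a policy like the one from `trusted_bucket_policy` to the roles that services such as CloudFormation or Glue assume, run `unscoped_s3_statements` over exported IAM policies as a periodic audit, and call `verify_bucket_owner` (or pass `--expected-bucket-owner` on the CLI) before trusting any bucket whose name a deployment tool derived for you.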