Summary: Researchers have identified a security vulnerability in the Amazon EC2 Simple Systems Manager (SSM) Agent, which allows attackers to exploit path traversal flaws for privilege escalation and code execution. The flaw arises from improper validation of plugin IDs, enabling malicious users to execute arbitrary scripts with elevated privileges. This vulnerability was patched in version 3.3.1957.0 on March 5, 2025, following a responsible disclosure incident.
Affected: Amazon EC2 Simple Systems Manager (SSM) Agent
Keypoints :
- Vulnerability allows attackers to create directories in unintended filesystem locations.
- Improper validation of plugin IDs can result in privilege escalation and unauthorized code execution.
- Flaw was disclosed on February 12, 2025, and patched on March 5, 2025.
Source: https://thehackernews.com/2025/04/amazon-ec2-ssm-agent-flaw-patched-after.html