AWS Default IAM Roles Found to Enable Lateral Movement and Cross-Service Exploitation

Cybersecurity experts have uncovered significant security flaws in default IAM roles in AWS that could allow attackers to escalate privileges and fully compromise AWS accounts. Additionally, a privilege escalation vulnerability in a utility used for mounting Azure Storage in Microsoft Azure environments has been addressed in recent updates. #AWS #IAMRoles #CloudSecurity #Azure #PrivilegeEscalation

Keypoints

  • Default IAM roles in AWS created by services like SageMaker, Glue, and EMR have overly broad permissions that can be exploited by attackers.
  • Misconfigured roles with AmazonS3FullAccess enable privilege escalation and lateral movement across AWS services within an account.
  • Attackers can manipulate AWS resources such as S3 buckets, CloudFormation templates, and scripts to escalate privileges and compromise entire environments.
  • AWS has addressed the identified issues by restricting the scope of default service roles and recommends proactive auditing.
  • A separate privilege escalation flaw in an Azure Storage mounting utility has been fixed in the latest software version, preventing lateral movement by malicious users.

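The auditing the keypoints recommend can be scripted. The block below is an added example, not code from the original article or from AWS: it flags roles that are both assumable by one of the data services named above (SageMaker, Glue, EMR) and carry the AWS-managed AmazonS3FullAccess policy, which is the overly broad combination the page describes, and it emits a bucket-scoped replacement policy. The service principal names and the sample roles are assumptions constructed for the example; the optional collector uses standard boto3 IAM calls, but the check itself runs offline on the sample data.

```python
"""Audit IAM roles for the over-broad default-role pattern: a role trusted by a
data service (SageMaker, Glue, EMR) that also holds AmazonS3FullAccess (s3:* on
every bucket in the account)."""
from typing import List

# Managed policy named on the page; the service principals are assumptions
# about which default roles to inspect.
S3_FULL_ACCESS_ARN = "arn:aws:iam::aws:policy/AmazonS3FullAccess"
DATA_SERVICE_PRINCIPALS = {
    "sagemaker.amazonaws.com",
    "glue.amazonaws.com",
    "elasticmapreduce.amazonaws.com",
}


def _as_list(value) -> List[str]:
    """IAM policy fields may be a single string or a list; normalise to a list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def trusted_services(assume_role_policy: dict) -> set:
    """Return the service principals a role's trust policy lets assume it."""
    services = set()
    for stmt in assume_role_policy.get("Statement", []):
        if stmt.get("Effect") != "Allow" or "sts:AssumeRole" not in _as_list(stmt.get("Action")):
            continue
        principal = stmt.get("Principal", {})
        if isinstance(principal, dict):
            services.update(_as_list(principal.get("Service")))
    return services


def find_risky_roles(roles: List[dict]) -> List[dict]:
    """Flag roles assumable by a data service that also hold AmazonS3FullAccess.

    Each role dict mirrors the IAM API shape: RoleName, AssumeRolePolicyDocument
    (a dict, as boto3 returns it) and AttachedPolicies ({PolicyName, PolicyArn})."""
    findings = []
    for role in roles:
        services = trusted_services(role["AssumeRolePolicyDocument"]) & DATA_SERVICE_PRINCIPALS
        attached = {p["PolicyArn"] for p in role.get("AttachedPolicies", [])}
        if services and S3_FULL_ACCESS_ARN in attached:
            findings.append({
                "RoleName": role["RoleName"],
                "TrustedServices": sorted(services),
                "Reason": "AmazonS3FullAccess grants s3:* on every bucket in the account",
            })
    return findings


def scoped_s3_policy(bucket: str) -> dict:
    """Least-privilege replacement: list/read/write objects in one named bucket only."""
    return {
        "Version": "2012-10-17",
        "Statement": [
            {"Effect": "Allow", "Action": ["s3:ListBucket"],
             "Resource": f"arn:aws:s3:::{bucket}"},
            {"Effect": "Allow", "Action": ["s3:GetObject", "s3:PutObject"],
             "Resource": f"arn:aws:s3:::{bucket}/*"},
        ],
    }


def collect_roles(iam_client) -> List[dict]:
    """Optional live collector: build the same structure from a boto3 IAM client."""
    roles = []
    for page in iam_client.get_paginator("list_roles").paginate():
        for role in page["Roles"]:
            attached = iam_client.list_attached_role_policies(RoleName=role["RoleName"])
            roles.append({"RoleName": role["RoleName"],
                          "AssumeRolePolicyDocument": role["AssumeRolePolicyDocument"],
                          "AttachedPolicies": attached["AttachedPolicies"]})
    return roles


# Constructed sample roles standing in for an account's inventory (not real roles).
SAMPLE_ROLES = [
    {"RoleName": "AmazonSageMaker-ExecutionRole-example",
     "AssumeRolePolicyDocument": {"Version": "2012-10-17", "Statement": [
         {"Effect": "Allow", "Principal": {"Service": "sagemaker.amazonaws.com"},
          "Action": "sts:AssumeRole"}]},
     "AttachedPolicies": [
         {"PolicyName": "AmazonSageMakerFullAccess",
          "PolicyArn": "arn:aws:iam::aws:policy/AmazonSageMakerFullAccess"},
         {"PolicyName": "AmazonS3FullAccess", "PolicyArn": S3_FULL_ACCESS_ARN}]},
    {"RoleName": "GlueServiceRole-scoped",
     "AssumeRolePolicyDocument": {"Version": "2012-10-17", "Statement": [
         {"Effect": "Allow", "Principal": {"Service": ["glue.amazonaws.com"]},
          "Action": ["sts:AssumeRole"]}]},
     "AttachedPolicies": [
         {"PolicyName": "glue-scripts-bucket-only",
          "PolicyArn": "arn:aws:iam::123456789012:policy/glue-scripts-bucket-only"}]},
]

if __name__ == "__main__":
    for f in find_risky_roles(SAMPLE_ROLES):
        print(f"{f['RoleName']}: trusted by {f['TrustedServices']} - {f['Reason']}")
```

Running it against the sample data reports only the SageMaker role; the Glue role already carries a customer-managed, bucket-scoped policy of the kind `scoped_s3_policy` produces, which is the shape of the fix AWS applied to the default roles. Roles trusted by other principals but holding AmazonS3FullAccess are a separate review item and are deliberately not flagged here.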
Read More: https://thehackernews.com/2025/05/aws-default-iam-roles-found-to-enable.html