Close Menu
Indo Guard OnlineIndo Guard Online
  • Home
  • Cyber Security
  • Risk Management
  • Travel
  • Security News
  • Tech
  • More
    • Data Privacy
    • Data Protection
    • Global Security
What's Hot

Ta829 and Unk_greensec share tactics and infrastructure in current malware

July 1, 2025

A new drawback in the IDES as a Visual Studio code allows for malicious bypassing bypassing the verified status

July 1, 2025

New Mattery Model for Browser Safety: Closing Risk in Last Mile

July 1, 2025
Facebook X (Twitter) Instagram
Facebook X (Twitter) Instagram YouTube
Indo Guard OnlineIndo Guard Online
Subscribe
  • Home
  • Cyber Security
  • Risk Management
  • Travel
  • Security News
  • Tech
  • More
    • Data Privacy
    • Data Protection
    • Global Security
Indo Guard OnlineIndo Guard Online
Home » Amazon EC2 SSM AGEN
Global Security

Amazon EC2 SSM AGEN

AdminBy AdminApril 8, 2025No Comments2 Mins Read
Amazon EC2 SSM Agent Flaw
Share
Facebook Twitter LinkedIn Pinterest Email Copy Link


April 8, 2025Red LakshmananCloud security / vulnerability

Amazon EC2 SSM Agent Link

Cybersecurity researchers have revealed details of the lack of security at Amazon EC2 Simple Systems Manager (SSM), which, if used successfully, can allow the attacker to reach the escalation and the code.

Vulnerability can allow the attacker to create catalogs in unintentional places in the file system, perform arbitrary scenarios with root privileges and probably – Note In a report that shared with Hacker News.

Cybersecurity

Amazon SSM Agent is a component of Amazon Web Services (AWS), which allows administrators to manage, customize and perform commands on EC2 instances and local servers.

The software processes commands and tasks defined in SSM documentswhich may include one or more plugins, each responsible for performing certain tasks, such as launching shell scripts or automation activities related to deployment or configuration.

Moreover, the SSM agent dynamically creates directory and files based on plugins, usually based on the plugins within the directory structure. It also introduces the risk of safety that the incorrect check of these plugins can lead to potential vulnerabilities.

Opening Cymulate is a lack of a path that occurs as a result of improper inspection of plugins, which can allow the attackers to manipulate the file system and execute an arbitrary code with high privileges. The problem is rooted in a feature called “check -in” in unlinutil.go.

“This feature does not allow you to properly care for the entry, which allows the attackers to supply malicious plugins containing the path sequences (such as ../),” said the security researcher Helad Bebert.

Cybersecurity

As a result of this deficiency, the attacker may essentially provide a specially created plugin identifier when creating a SSM document (for example ../../../../../../Malicious_directory) to execute arbitrary commands or scripts in the main file system, opening the method of escalation and other action.

After the responsible disclosure of information on February 12, 2025, the vulnerability was considered March 5, 2025, with the Amazon SSM agent’s exit Version 3.3.1957.0.

“Add and use the Buildsafepath method to prevent the path into the orchestration catalog,” said the notes that share the project’s support on GitHub.

Found this article interesting? Keep track of us further Youter  and LinkedIn To read more exclusive content we publish.





Source link

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email Copy Link
Admin
  • Website

Related Posts

Ta829 and Unk_greensec share tactics and infrastructure in current malware

July 1, 2025

A new drawback in the IDES as a Visual Studio code allows for malicious bypassing bypassing the verified status

July 1, 2025

New Mattery Model for Browser Safety: Closing Risk in Last Mile

July 1, 2025

Google Patches Critical Lack of Zero Day in the V8 Chrome engine after active operation

July 1, 2025

US arrests in North Korean IT -Work scheme; Captures 29 domains and raids 21 laptops

July 1, 2025

Microsoft Removes Password Management from Authenticator app since August 2025

July 1, 2025
Add A Comment
Leave A Reply Cancel Reply

Loading poll ...
Coming Soon
Do You Like Our Website
: {{ tsp_total }}

Subscribe to Updates

Get the latest security news from Indoguardonline.com

Latest Posts

Ta829 and Unk_greensec share tactics and infrastructure in current malware

July 1, 2025

A new drawback in the IDES as a Visual Studio code allows for malicious bypassing bypassing the verified status

July 1, 2025

New Mattery Model for Browser Safety: Closing Risk in Last Mile

July 1, 2025

Google Patches Critical Lack of Zero Day in the V8 Chrome engine after active operation

July 1, 2025

US arrests in North Korean IT -Work scheme; Captures 29 domains and raids 21 laptops

July 1, 2025

Microsoft Removes Password Management from Authenticator app since August 2025

July 1, 2025

American agencies warn of Iranian protection cyber growth, OT networks and critical infrastructure

June 30, 2025

Europol demonstrates $ 540 million in cryptocurrency fraud, arrests five suspects

June 30, 2025
About Us
About Us

Provide a constantly updating feed of the latest security news and developments specific to Indonesia.

Facebook X (Twitter) Pinterest YouTube WhatsApp
Our Picks

Ta829 and Unk_greensec share tactics and infrastructure in current malware

July 1, 2025

A new drawback in the IDES as a Visual Studio code allows for malicious bypassing bypassing the verified status

July 1, 2025

New Mattery Model for Browser Safety: Closing Risk in Last Mile

July 1, 2025
Most Popular

In Indonesia, crippling immigration ransomware breach sparks privacy crisis

July 6, 2024

Why Indonesia’s Data Breach Crisis Calls for Better Security

July 6, 2024

Indonesia’s plan to integrate 27,000 govt apps in one platform welcomed but data security concerns linger

July 6, 2024
© 2025 indoguardonline.com
  • Home
  • About us
  • Contact us
  • Privacy Policy

Type above and press Enter to search. Press Esc to cancel.