Close Menu
Indo Guard OnlineIndo Guard Online
  • Home
  • Cyber Security
  • Risk Management
  • Travel
  • Security News
  • Tech
  • More
    • Data Privacy
    • Data Protection
    • Global Security
What's Hot

Rare Werewolf APT uses legitimate software in attacks on hundreds of Russian enterprises

June 10, 2025

CISA adds flaws of Erlang SSH and RoundCube to famous exploited directory vulnerabilities

June 10, 2025

More than 70 organizations in several sectors aimed at Chinese Cyber ​​Spying Group

June 9, 2025
Facebook X (Twitter) Instagram
Facebook X (Twitter) Instagram YouTube
Indo Guard OnlineIndo Guard Online
Subscribe
  • Home
  • Cyber Security
  • Risk Management
  • Travel
  • Security News
  • Tech
  • More
    • Data Privacy
    • Data Protection
    • Global Security
Indo Guard OnlineIndo Guard Online
Home » Amazon EC2 SSM AGEN
Global Security

Amazon EC2 SSM AGEN

AdminBy AdminApril 8, 2025No Comments2 Mins Read
Amazon EC2 SSM Agent Flaw
Share
Facebook Twitter LinkedIn Pinterest Email Copy Link


April 8, 2025Red LakshmananCloud security / vulnerability

Amazon EC2 SSM Agent Link

Cybersecurity researchers have revealed details of the lack of security at Amazon EC2 Simple Systems Manager (SSM), which, if used successfully, can allow the attacker to reach the escalation and the code.

Vulnerability can allow the attacker to create catalogs in unintentional places in the file system, perform arbitrary scenarios with root privileges and probably – Note In a report that shared with Hacker News.

Cybersecurity

Amazon SSM Agent is a component of Amazon Web Services (AWS), which allows administrators to manage, customize and perform commands on EC2 instances and local servers.

The software processes commands and tasks defined in SSM documentswhich may include one or more plugins, each responsible for performing certain tasks, such as launching shell scripts or automation activities related to deployment or configuration.

Moreover, the SSM agent dynamically creates directory and files based on plugins, usually based on the plugins within the directory structure. It also introduces the risk of safety that the incorrect check of these plugins can lead to potential vulnerabilities.

Opening Cymulate is a lack of a path that occurs as a result of improper inspection of plugins, which can allow the attackers to manipulate the file system and execute an arbitrary code with high privileges. The problem is rooted in a feature called “check -in” in unlinutil.go.

“This feature does not allow you to properly care for the entry, which allows the attackers to supply malicious plugins containing the path sequences (such as ../),” said the security researcher Helad Bebert.

Cybersecurity

As a result of this deficiency, the attacker may essentially provide a specially created plugin identifier when creating a SSM document (for example ../../../../../../Malicious_directory) to execute arbitrary commands or scripts in the main file system, opening the method of escalation and other action.

After the responsible disclosure of information on February 12, 2025, the vulnerability was considered March 5, 2025, with the Amazon SSM agent’s exit Version 3.3.1957.0.

“Add and use the Buildsafepath method to prevent the path into the orchestration catalog,” said the notes that share the project’s support on GitHub.

Found this article interesting? Keep track of us further Youter  and LinkedIn To read more exclusive content we publish.





Source link

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email Copy Link
Admin
  • Website

Related Posts

Rare Werewolf APT uses legitimate software in attacks on hundreds of Russian enterprises

June 10, 2025

CISA adds flaws of Erlang SSH and RoundCube to famous exploited directory vulnerabilities

June 10, 2025

More than 70 organizations in several sectors aimed at Chinese Cyber ​​Spying Group

June 9, 2025

Two different botnets exploit the vulnerability of the WAZUH server to launch attacks based on peaceful

June 9, 2025

Think what your IDP or CASB covers the shadow? These 5 risks prove differently

June 9, 2025

Openai prohibits chatgpt accounts used by Russian, Iranian and Chinese hacking groups

June 9, 2025
Add A Comment
Leave A Reply Cancel Reply

Loading poll ...
Coming Soon
Do You Like Our Website
: {{ tsp_total }}

Subscribe to Updates

Get the latest security news from Indoguardonline.com

Latest Posts

Rare Werewolf APT uses legitimate software in attacks on hundreds of Russian enterprises

June 10, 2025

CISA adds flaws of Erlang SSH and RoundCube to famous exploited directory vulnerabilities

June 10, 2025

More than 70 organizations in several sectors aimed at Chinese Cyber ​​Spying Group

June 9, 2025

Two different botnets exploit the vulnerability of the WAZUH server to launch attacks based on peaceful

June 9, 2025

Think what your IDP or CASB covers the shadow? These 5 risks prove differently

June 9, 2025

Openai prohibits chatgpt accounts used by Russian, Iranian and Chinese hacking groups

June 9, 2025

Operation malicious network supply software gets to NPM and Pypi ecosystems, focusing on millions worldwide

June 8, 2025

Extension of the malicious browser has infected 722 users across Latin America since the beginning of 2025

June 8, 2025
About Us
About Us

Provide a constantly updating feed of the latest security news and developments specific to Indonesia.

Facebook X (Twitter) Pinterest YouTube WhatsApp
Our Picks

Rare Werewolf APT uses legitimate software in attacks on hundreds of Russian enterprises

June 10, 2025

CISA adds flaws of Erlang SSH and RoundCube to famous exploited directory vulnerabilities

June 10, 2025

More than 70 organizations in several sectors aimed at Chinese Cyber ​​Spying Group

June 9, 2025
Most Popular

In Indonesia, crippling immigration ransomware breach sparks privacy crisis

July 6, 2024

Why Indonesia’s Data Breach Crisis Calls for Better Security

July 6, 2024

Indonesia’s plan to integrate 27,000 govt apps in one platform welcomed but data security concerns linger

July 6, 2024
© 2025 indoguardonline.com
  • Home
  • About us
  • Contact us
  • Privacy Policy

Type above and press Enter to search. Press Esc to cancel.