“Shadow Role” Vulnerability In AWS Services Could Lead To Full Account Takeover

A critical vulnerability affecting six AWS services, including Glue, SageMaker, and CodeBuild, could let an attacker gain control over the affected cloud environment. The flaw, called “Shadow Role,” stems from AWS automatically creating default IAM service roles whose attached permissions policies are far broader than the service needs: the role is created for one service, but anyone who can act through it inherits its full reach across the account. Aqua Security, which discovered the issue, disclosed it responsibly to AWS; AWS has since patched the affected services, and Aqua advises organizations to audit the IAM roles in their accounts, especially auto-created service roles, and to trim any that carry broader permissions than the service actually requires.
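The audit Aqua recommends is the part a practitioner can act on immediately. The script below is an added example written for this page, not code from Aqua Security or AWS: it walks IAM role records in the JSON shape returned by `aws iam list-roles`, `aws iam list-attached-role-policies` and `aws iam get-role-policy`, keeps only roles that an AWS service principal may assume, and flags those carrying a broad managed policy (AmazonS3FullAccess, PowerUserAccess, AdministratorAccess) or an inline statement granting `*` or `s3:*` on every resource. The role names, policy contents and the `SAMPLE_*` inputs are constructed for the demonstration; the specific policy set to treat as "too broad" is an assumption you should tune to your own account.

```python
"""Audit IAM roles for service-assumable roles that carry broad permissions.

Added example for this page (not Aqua's or AWS's code). Input records use the
JSON shapes of `aws iam list-roles`, `list-attached-role-policies` and
`get-role-policy`; the sample data below is constructed, not real account data.
"""
import json
from typing import Dict, List

# AWS-managed policies broad enough that a service role holding them reaches
# far beyond the service's own needs. Assumption: extend this set per account.
BROAD_MANAGED_POLICIES = {
    "arn:aws:iam::aws:policy/AmazonS3FullAccess",
    "arn:aws:iam::aws:policy/PowerUserAccess",
    "arn:aws:iam::aws:policy/AdministratorAccess",
}


def _as_list(value) -> list:
    """IAM policy fields may be a scalar or a list; normalise to a list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def service_principals(trust_policy: dict) -> List[str]:
    """Return AWS service principals (e.g. glue.amazonaws.com) allowed to assume the role."""
    services: List[str] = []
    for stmt in trust_policy.get("Statement", []):
        if stmt.get("Effect") != "Allow":
            continue
        if "sts:AssumeRole" not in _as_list(stmt.get("Action")):
            continue
        principal = stmt.get("Principal", {})
        if isinstance(principal, dict):  # a bare "*" principal is not a service principal
            services.extend(_as_list(principal.get("Service")))
    return services


def inline_is_wildcard(policy_doc: dict) -> bool:
    """True if any Allow statement grants '*' or 's3:*' on Resource '*'."""
    for stmt in policy_doc.get("Statement", []):
        if stmt.get("Effect") != "Allow":
            continue
        actions = _as_list(stmt.get("Action"))
        resources = _as_list(stmt.get("Resource"))
        if "*" in resources and any(a in ("*", "s3:*") for a in actions):
            return True
    return False


def audit_roles(roles: List[dict], attached: Dict[str, List[dict]],
                inline: Dict[str, Dict[str, dict]]) -> List[dict]:
    """Return one finding per service-assumable role that carries broad permissions.

    roles:    list of role records (each with RoleName, AssumeRolePolicyDocument)
    attached: RoleName -> list of {"PolicyName", "PolicyArn"} from list-attached-role-policies
    inline:   RoleName -> {PolicyName: PolicyDocument} from get-role-policy
    """
    findings = []
    for role in roles:
        services = service_principals(role["AssumeRolePolicyDocument"])
        if not services:  # human/cross-account roles are out of scope for this check
            continue
        name = role["RoleName"]
        broad = [p["PolicyArn"] for p in attached.get(name, [])
                 if p["PolicyArn"] in BROAD_MANAGED_POLICIES]
        broad += [f"inline:{pname}" for pname, doc in inline.get(name, {}).items()
                  if inline_is_wildcard(doc)]
        if broad:
            findings.append({"RoleName": name, "Services": services, "BroadPolicies": broad})
    return findings


def _trust(*services: str) -> dict:
    return {"Version": "2012-10-17", "Statement": [
        {"Effect": "Allow", "Principal": {"Service": list(services)}, "Action": "sts:AssumeRole"}]}


# Constructed sample input (hypothetical role names and policies).
SAMPLE_ROLES = [
    {"RoleName": "AWSGlueServiceRole-demo", "AssumeRolePolicyDocument": _trust("glue.amazonaws.com")},
    {"RoleName": "AmazonSageMaker-ExecutionRole-demo",
     "AssumeRolePolicyDocument": _trust("sagemaker.amazonaws.com")},
    {"RoleName": "lambda-scoped-role", "AssumeRolePolicyDocument": _trust("lambda.amazonaws.com")},
    {"RoleName": "human-admin", "AssumeRolePolicyDocument": {"Version": "2012-10-17", "Statement": [
        {"Effect": "Allow", "Principal": {"AWS": "arn:aws:iam::111122223333:root"},
         "Action": "sts:AssumeRole"}]}},
]
SAMPLE_ATTACHED = {
    "AWSGlueServiceRole-demo": [{"PolicyName": "AmazonS3FullAccess",
                                 "PolicyArn": "arn:aws:iam::aws:policy/AmazonS3FullAccess"}],
    "AmazonSageMaker-ExecutionRole-demo": [{"PolicyName": "AmazonSageMakerFullAccess",
                                            "PolicyArn": "arn:aws:iam::aws:policy/AmazonSageMakerFullAccess"}],
    "lambda-scoped-role": [{"PolicyName": "AWSLambdaBasicExecutionRole",
                            "PolicyArn": "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"}],
    "human-admin": [{"PolicyName": "AdministratorAccess",
                     "PolicyArn": "arn:aws:iam::aws:policy/AdministratorAccess"}],
}
SAMPLE_INLINE = {
    "AmazonSageMaker-ExecutionRole-demo": {"s3-anywhere": {"Version": "2012-10-17", "Statement": [
        {"Effect": "Allow", "Action": "s3:*", "Resource": "*"}]}},
}

FINDINGS = audit_roles(SAMPLE_ROLES, SAMPLE_ATTACHED, SAMPLE_INLINE)

if __name__ == "__main__":
    print(json.dumps(FINDINGS, indent=2))
```

On a live account, feed the same functions from `aws iam list-roles`, one `list-attached-role-policies` call per role, and `list-role-policies` plus `get-role-policy` for inline documents; the human-assumable `human-admin` role is deliberately skipped here because the Shadow Role concern is service roles, not the separate (and also worthwhile) review of who holds AdministratorAccess.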
