LAS VEGAS - Researchers are detailing several now-fixed vulnerabilities across six AWS services, which range in impact from remote code execution to full account takeover.
The flaws were reported to AWS in February by Aqua Security, and all final fixes were confirmed on June 26. However, the details of the vulnerabilities were not revealed until a session by Aqua Security’s Team Nautilus research group on Wednesday, here at Black Hat USA.
The uncovered flaws impact AWS CloudFormation, which allows users to manage infrastructure resources; the Glue serverless data integration service; Elastic MapReduce (EMR); the SageMaker machine learning platform; and ServiceCatalog, a service for developing central cloud management platforms.
The issue stems from how services are created in new regions for the first time. During this process, S3 buckets, which are online storage containers used to manage files and, in some cases, to store necessary operational data, are created automatically. Aqua Security researchers called these “shadow resources” because the assets are created automatically, sometimes without the knowledge of the AWS account owner.
“Aqua Nautilus uncovered how attackers can discover the buckets’ names or guess predictable parts of the bucket name,” said Yakir Kadkoda, lead researcher at Aqua Security in an analysis released at Black Hat alongside the session. “Subsequently, using a method dubbed ‘Bucket Monopoly,’ the attackers can create these buckets in advance in all available regions, essentially performing a landgrab, then store malicious code in the bucket.”
An S3 bucket is automatically created with a specific name, which consists of a prefix, a 12-character hash and the name of the region where the service is being used. While the region portion of the name varies, the prefix and hash remain the same for an account across regions, meaning that the name could potentially be discoverable, the researchers said. One caveat to this attack is that the researchers have not figured out how to calculate the hash in the S3 bucket name, which is unique to each account and impossible to simply guess or brute force. However, the researchers said they identified numerous hashes used for AWS accounts through GitHub regex searches, Sourcegraph or other vectors that expose the hashes.
Kadkoda said that during Aqua Security’s research, hundreds of hashes from popular organizations were discovered, making this a “feasible” attack vector.
“In our research, we found that many examples of popular companies have CloudFormation hashes in their open-source repositories or in open issues, etc,” said Kadkoda. “Although the hash cannot be easily guessed for a specific organization and is more secure than an AWS account ID, it can still be considered secret data. Since the hash is unique per account and remains the same across all regions, an attacker only needs to find one bucket name of the victim’s CloudFormation to attack the victim in other regions… If the victim somehow exposes this bucket name, they become vulnerable to this attack vector.”
If an attacker were able to uncover the hash using these methods, the researchers found, it is possible for them to set up buckets in AWS regions where the service has not been used yet and wait for a victim to use the AWS CloudFormation service in a new region. The attacker-controlled S3 buckets would then be used as part of the CloudFormation service.
“When the targeted organization enables the service in a new region for the first time, the malicious code will be unknowingly executed by the targeted organization, potentially resulting in the creation of an admin user in the targeted organization granting control to the attackers,” said researchers.
Using these techniques, the researchers found various impacts across services, such as remote code execution in Glue, leaking or manipulating data in SageMaker and a denial-of-service attack against CloudFormation.
While AWS has mitigated the vulnerabilities reported by Aqua Security, the researchers said the attack vector might apply to other AWS services or open-source projects. End users can apply several mitigations, including defining a policy for the role that is used or assumed by the service in order to restrict which buckets can be accessed, or adding verification steps.
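As an added illustration of the naming pattern described above and of the role-policy mitigation (example code written for this article, not Aqua Security's or AWS's own tooling), the script below derives the per-region bucket names an account would expect and audits an IAM policy for S3 grants that are not pinned to the account with the aws:ResourceAccount condition key. The "cf-templates" prefix, the hash and the account ID are assumed placeholder values, not taken from the article.

```python
# Constructed sample values: "cf-templates" is assumed as the CloudFormation bucket
# prefix (the article does not name it); hash and account ID are placeholders.
PREFIX = "cf-templates"
HASH = "0123456789ab"          # placeholder 12-character hash
REGIONS = ["us-east-1", "us-west-2", "eu-west-1", "ap-southeast-1"]
OWN_ACCOUNT = "111111111111"   # placeholder account ID

def shadow_bucket_names(prefix, hash12, regions):
    """Expected per-region bucket names: <prefix>-<12-char hash>-<region>."""
    if len(hash12) != 12:
        raise ValueError("hash must be 12 characters")
    return [f"{prefix}-{hash12}-{region}" for region in regions]

def _as_list(value):
    return value if isinstance(value, list) else [value]

def unpinned_s3_statements(policy, account_id):
    """Sids of Allow statements granting S3 actions without an aws:ResourceAccount pin."""
    findings = []
    for i, st in enumerate(_as_list(policy.get("Statement", []))):
        if st.get("Effect") != "Allow":
            continue
        actions = [a.lower() for a in _as_list(st.get("Action", []))]
        if not any(a == "*" or a.startswith("s3:") for a in actions):
            continue
        pinned = False
        for op, keys in st.get("Condition", {}).items():
            if op.lower() not in ("stringequals", "stringequalsignorecase"):
                continue
            for key, val in keys.items():
                if key.lower() == "aws:resourceaccount" and account_id in _as_list(val):
                    pinned = True
        if not pinned:
            findings.append(st.get("Sid", f"Statement[{i}]"))
    return findings

# Constructed policies: the weak one matches any bucket whose name fits the pattern,
# regardless of owner; the hardened one only matches buckets in our own account.
WEAK_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Sid": "ReadTemplates", "Effect": "Allow", "Action": ["s3:GetObject"],
     "Resource": "arn:aws:s3:::cf-templates-*/*"}]}
HARDENED_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Sid": "ReadTemplates", "Effect": "Allow", "Action": ["s3:GetObject"],
     "Resource": "arn:aws:s3:::cf-templates-*/*",
     "Condition": {"StringEquals": {"aws:ResourceAccount": OWN_ACCOUNT}}}]}

if __name__ == "__main__":
    print(shadow_bucket_names(PREFIX, HASH, REGIONS))
    print("weak:", unpinned_s3_statements(WEAK_POLICY, OWN_ACCOUNT))
    print("hardened:", unpinned_s3_statements(HARDENED_POLICY, OWN_ACCOUNT))
```

A bucket an attacker creates under the same name in another account still matches the Resource pattern of the weak policy, which is why the condition key, not the name pattern, is what closes the gap.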
“AWS is aware of this research,” according to an AWS spokesperson. “We can confirm that we have fixed this issue, all services are operating as expected, and no customer action is required.”
This story was updated on Aug. 8 with a statement from AWS.