A security vulnerability called “cross-tenant” has been detected by Datadog researchers in AppSync, a popular Amazon Web Services (AWS) tool. AppSync is a popular AWS service that allows developers to quickly create GraphQL and Pub/Sub APIs.

The vulnerability is due to a case-sensitivity parsing issue of the AppSync service that could potentially be used to bypass cross-account role usage validations and act as a service on customer accounts. Successful vulnerability exploitation allows threat actors to assume Identity and Access Management (IAM) roles in other AWS accounts.

appsec aws — Figure: Vulnerability flow diagram

The vulnerability detected on September 1, 2022, was immediately reported to AWS. AWS, which rescheduled the attack, verified the impact of the vulnerability and released a fix that fixed it. In addition, Amazon released a statement on Monday, November 21, confirming the details of the vulnerability and stating that no customers were affected by the vulnerability. There is no action for Amazon customers to take due to the vulnerability.

Amazon Fixes a Security Vulnerability Affecting AWS AppSync

Comparing Cyber Security Attacks in Q3 – Q4 of 2022 for the Manufacturing Sector

Critical RCE Alert on Western Digital My Cloud OS

Critical RCE Alarm in VMware vRealize Log Insight

Weekly Security News – Week 4

More than 19,000 Cisco Router Solutions Detected to be Vulnerable to RCE Attacks

Ransomware 101

Related Posts

Critical RCE Alert on Western Digital My Cloud OS

Critical RCE Alarm in VMware vRealize Log Insight

More than 19,000 Cisco Router Solutions Detected to be Vulnerable to RCE Attacks

Critical SQLi Alarm in CakePHP

We know what hackers know about you

Solutions

Use Case

Partners

Company