A security vulnerability called “cross-tenant” has been detected by Datadog researchers in AppSync, a popular Amazon Web Services (AWS) tool. AppSync is a popular AWS service that allows developers to quickly create GraphQL and Pub/Sub APIs.

The vulnerability is due to a case-sensitivity parsing issue of the AppSync service that could potentially be used to bypass cross-account role usage validations and act as a service on customer accounts. Successful vulnerability exploitation allows threat actors to assume Identity and Access Management (IAM) roles in other AWS accounts.

appsec aws — Figure: Vulnerability flow diagram

The vulnerability detected on September 1, 2022, was immediately reported to AWS. AWS, which rescheduled the attack, verified the impact of the vulnerability and released a fix that fixed it. In addition, Amazon released a statement on Monday, November 21, confirming the details of the vulnerability and stating that no customers were affected by the vulnerability. There is no action for Amazon customers to take due to the vulnerability.

Amazon Fixes a Security Vulnerability Affecting AWS AppSync

Perspective of the Month | APT Groups

BellaCiao: The New Malware From Iran’s Charming Kitten

Security News Digest | Security Newsletter | April 27, 2023

Cyber Security Trends in 2023: What You Need to Know

We know what hackers know about you

Solutions

Use Case

Partners

Company