Back to directory
WRITEUP #355

Amplified exposure: How AWS flaws made Amplify IAM roles vulnerable to takeover (CVE-2024-28056)

CloudPrivilege escalation
by@frichette_n(Nick Frichette)
Program
AWS
Published
Apr 13, 2024
Added to HackDex
May 11, 2024
Read Full Writeuphttps://securitylabs.datadoghq.com/articles/amplified-exposure-how-aws-flaws-made-amplify-iam-roles-vulnerable-to-takeover/
RELATED WRITEUPS
Addressed AWS defaults risks: OIDC, Terraform and Anonymous to AdministratorAccess
CloudOIDC
Double Agent: Exploiting Pass-through Authentication Credential Validation in Azure AD
CloudPrivilege escalation
UnOAuthorized: Privilege Elevation Through Microsoft Applications
CloudPrivilege escalation
Escalating Privileges in Google Cloud via Open Groups
CloudPrivilege escalation
ConfusedFunction: A Privilege Escalation Vulnerability Impacting GCP Cloud Functions
CloudPrivilege escalation

Built with ❤️ by Shubham Rawat