Aws Privilege Escalation By Attach Policy
Description
Detects IAM policies that could allow privilege escalation through the ability to attach new policies to users. This is a critical security risk since it enables users to elevate their own permissions by attaching more permissive policies to themselves.
Detection Strategy
• Scans IAM policies for statements that allow 'iam:AttachUserPolicy' or 'iam:*' permissions
• Reports a vulnerability when an IAM policy contains an 'Allow' effect for these actions and includes a 'Resource' field
• Identifies each specific policy statement and action that grants these dangerous permissions
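The detection strategy above, as an added illustration that is not Fluid Attacks' own scanner code: a small checker that walks an IAM policy document and reports every Allow statement with a Resource field whose actions cover iam:AttachUserPolicy. It generalises the two listed actions slightly by evaluating the policy's action string as an IAM-style, case-insensitive glob, so 'iam:*', 'iam:Attach*' and a bare '*' are all reported. The two policy documents are constructed samples.

```python
import fnmatch
import json

# The action the rule looks for; 'iam:*' and other wildcards are caught because
# they match this action name when evaluated as IAM-style globs.
TARGET_ACTION = "iam:AttachUserPolicy"


def _as_list(value):
    """Action/Resource may be a string or a list in IAM JSON; normalise to a list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def find_attach_policy_escalation(policy_document):
    """Return (statement_index, action) pairs for statements that allow
    iam:AttachUserPolicy: Effect is Allow, a Resource field is present, and
    one of the actions covers the target. IAM action names are matched
    case-insensitively and '*' is a wildcard, so 'iam:*' and '*' are reported."""
    policy = json.loads(policy_document) if isinstance(policy_document, str) else policy_document
    findings = []
    for index, statement in enumerate(_as_list(policy.get("Statement"))):
        if statement.get("Effect") != "Allow" or "Resource" not in statement:
            continue
        for action in _as_list(statement.get("Action")):
            if fnmatch.fnmatchcase(TARGET_ACTION.lower(), action.lower()):
                findings.append((index, action))
    return findings


# Constructed sample: statements 1 and 2 let the principal attach policies to users.
VULNERABLE_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*"},
        {"Effect": "Allow", "Action": ["iam:ListUsers", "iam:AttachUserPolicy"], "Resource": "*"},
        {"Effect": "Allow", "Action": "iam:*", "Resource": "arn:aws:iam::123456789012:user/app"},
    ],
})

# Constructed sample: read-only IAM access scoped to one user; nothing to report.
SAFE_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": {
        "Effect": "Allow",
        "Action": ["iam:GetUser", "iam:ListAttachedUserPolicies"],
        "Resource": "arn:aws:iam::123456789012:user/app",
    },
})
```

Running `find_attach_policy_escalation(VULNERABLE_POLICY)` reports statements 1 and 2, while the scoped read-only policy yields no findings.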