Hacking-the-Cloud / hackingthe.cloud

An encyclopedia for offensive and defensive security knowledge in cloud native technologies.
https://hackingthe.cloud

Autoscaling Technique #262

Closed gonda-praetorian closed 1 year ago

gonda-praetorian commented 1 year ago

This technique leverages a legacy autoscaling permission related to launch configurations and launch templates to create autoscaling groups with more privileged roles by abusing a confused deputy condition that trusts the EC2 service.

I plan to explain this attack path and its constraints in a future blog post, but I wanted to contribute this to the larger cloud security community.

Frichetten commented 1 year ago

Thank you for the contribution!