Privilege Escalation via World-Writable Sudoers File in Amazon AWS amazon-ssm-agent

Privilege Escalation via World-Writable Sudoers File in Amazon AWS amazon-ssm-agent

CVE-2022-29527 · HIGH Severity

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Amazon AWS amazon-ssm-agent before 3.1.1208.0 creates a world-writable sudoers file, which allows local attackers to inject Sudo rules and escalate privileges to root. This occurs in certain situations involving a race condition.

Learn more about our Aws Audit.