CP
cyberpings
VulnerabilitiesHIGH

AWS Bedrock Tool - Vulnerability Enables Data Exfiltration

SCSC Media
AWSBedrockDNS leaksdata exfiltrationBeyondTrust
🎯

Basically, a flaw in AWS Bedrock lets hackers steal data through DNS requests.

Quick Summary

A significant vulnerability in AWS Bedrock allows data exfiltration through DNS leaks. This flaw poses a risk to sensitive data for organizations. Immediate action is needed to mitigate potential breaches.

The Flaw

Cybersecurity researchers have identified a serious vulnerability within the AWS Bedrock AgentCore Code Interpreter. This flaw allows attackers to potentially exfiltrate sensitive data by exploiting how the tool handles DNS queries within its sandbox environment. Although AWS Bedrock's sandbox mode is designed to isolate AI code execution, it still permits DNS queries for A and AAAA records. This oversight creates a pathway for attackers to embed stolen data or commands within these DNS requests, effectively bypassing the isolation intended by the sandbox.

Researchers from BeyondTrust's Phantom Labs demonstrated a proof-of-concept system that enabled two-way communication with the AI, allowing data to be exfiltrated through these DNS queries. This vulnerability raises significant concerns about the security of data processed within AWS Bedrock, particularly for organizations relying on this tool for sensitive operations.

What's at Risk

The implications of this vulnerability are considerable. Organizations using AWS Bedrock for AI and machine learning tasks could find their sensitive data at risk. The flaw has been assigned a severity score of 7.5 out of 10, indicating a high level of concern. If exploited, this vulnerability could lead to unauthorized access to confidential information, impacting business operations and customer trust.

AWS was first alerted to this issue in September 2025, but a fix released in November was pulled due to technical issues. By December, AWS opted to update its documentation instead of providing a re-released patch. This decision has left many organizations vulnerable as they await a permanent solution.

Patch Status

Despite the severity of the vulnerability, AWS has not yet issued a definitive patch to resolve the issue. Instead, they have updated their documentation to clarify the functionality of Sandbox Mode. An AWS spokesperson acknowledged the report by researcher Kinnaird McQuade, thanking them for prompting the update. However, the lack of a robust fix raises concerns about the ongoing risk to users.

Organizations are encouraged to take proactive measures in response to this vulnerability. Experts advise migrating critical data from Sandbox mode to VPC mode and conducting thorough audits of IAM roles to enforce the principle of least privilege. These actions can help mitigate the risks associated with this vulnerability until a proper patch is implemented.

Immediate Actions

Organizations using AWS Bedrock should act swiftly to protect their data. Here are some recommended steps:

  • Migrate critical data from Sandbox mode to VPC mode to enhance security.
  • Audit IAM roles to ensure the principle of least privilege is enforced, minimizing access to sensitive data.
  • Stay informed about updates from AWS regarding this vulnerability and any forthcoming patches.
  • Consider implementing additional security measures, such as monitoring DNS queries for unusual activity.

By taking these actions, organizations can better safeguard their data against potential exploitation through this vulnerability in AWS Bedrock.

🔒 Pro insight: The lack of a timely patch for this vulnerability could lead to widespread exploitation, especially among organizations using AWS Bedrock for sensitive tasks.

Original article from

SC Media

Read Full Article

Share

Related Pings

HIGHVulnerabilities

WebKit Vulnerability - Apple Addresses Same-Origin Policy Bypass

Apple has addressed a serious WebKit vulnerability that could allow attackers to bypass security measures on iOS and macOS. Users must update their devices to protect sensitive data. This fix is part of Apple's ongoing commitment to user security.

The Hacker News·
CRITICALVulnerabilities

Critical IP KVM Flaws - Unauthenticated Root Access Exposed

Researchers have flagged nine critical flaws in IP KVM devices, allowing hackers to gain root access. Affected devices include GL-iNet and Angeet models. Immediate action is crucial to prevent extensive control over systems.

The Hacker News·
HIGHVulnerabilities

Ubuntu CVE-2026-3888 - Critical Privilege Escalation Flaw

A critical vulnerability in Ubuntu allows local attackers to gain root access. Default installations of Ubuntu Desktop 24.04 and later are affected. Immediate patching is essential to prevent system takeover. Stay updated to secure your systems.

The Hacker News·
HIGHVulnerabilities

Apple Issues Lightweight Security Updates for Vulnerabilities

Apple has launched Background Security Improvements to deliver timely security updates for iOS, iPadOS, and macOS. This initiative addresses vulnerabilities like CVE-2026-20643. Users can enable automatic updates to stay secure. Don't miss out on these essential patches!

Help Net Security·
HIGHVulnerabilities

WhatsApp Vulnerability - 4th View Once Bypass Discovered

A researcher has uncovered a fourth way to bypass WhatsApp's View Once feature. Meta will not fix this vulnerability, raising serious privacy concerns for users. This highlights ongoing issues with the app's security measures.

SecurityWeek·
HIGHVulnerabilities

Windows Vulnerability - RegPwn Enables Full System Access

A high-severity Windows vulnerability, RegPwn, allows low-privileged users to gain full SYSTEM access. This flaw poses significant risks, making it crucial for users to apply the latest patches. Stay informed and secure your systems against this exploit.

Cyber Security News·