Artificial Intelligence | News | Insights | AiThority
[bsfp-cryptocurrency style=”widget-18″ align=”marquee” columns=”6″ coins=”selected” coins-count=”6″ coins-selected=”BTC,ETH,XRP,LTC,EOS,ADA,XLM,NEO,LTC,EOS,XEM,DASH,USDT,BNB,QTUM,XVG,ONT,ZEC,STEEM” currency=”USD” title=”Cryptocurrency Widget” show_title=”0″ icon=”” scheme=”light” bs-show-desktop=”1″ bs-show-tablet=”1″ bs-show-phone=”1″ custom-css-class=”” custom-id=”” css=”.vc_custom_1523079266073{margin-bottom: 0px !important;padding-top: 0px !important;padding-bottom: 0px !important;}”]

Lightspin Research Team Discovers Cross-Account Access Vulnerability On AWS SageMaker Jupiter Notebook Instance

Through a previously unreported vulnerability, attackers could run any code on an AWS SageMaker Jupyter Notebook Instance across accounts, access the Notebook Instance metadata endpoint, and steal the access token for the attached role.

 Lightspin, the multi-layer cloud security platform that prioritizes and remediates critical vulnerabilities across hybrid cloud and Kubernetes environments, announced the discovery of a cross-account access vulnerability discovered in AWS’s SageMaker Jupyter Notebook Instance.

Recommended AI News: Aqua Security Achieves AWS Graviton Ready Designation

PREDICTIONS-SERIES-2022

 Lightspin’s research team found this vulnerability as part of its ongoing research into security in data science tools. The team investigated Amazon’s SageMaker which is a fully managed machine learning (ML) service in AWS. Amazon SageMaker helps data scientists and developers to prepare, build, train, and deploy high-quality machine learning (ML) models quickly by bringing together a broad set of capabilities purpose-built for ML. SageMaker launched in 2017 and is used by some of the world’s leading global enterprises, meaning any discovery of areas of exploitation could have widespread impact.

The research team investigated the potential vulnerabilities that could be attached to Amazon’s SageMaker, and more specifically the Jupyter Notebook Instances. During their research, the team found that potential attackers had been able to run any code on an AWS SageMaker Jupyter Notebook Instance across accounts. This allowed them to access the Notebook Instance metadata endpoint and steal access tokens for the attached role. Using the access token, the attacker could have read data from S3 buckets, created VPC endpoints, and taken more potentially harmful actions that were allowed by the SageMaker execution role and the “AmazonSageMakerFullAccess” policy.

Related Posts
1 of 40,717

Recommended AI News: Okera Expands Its Footprint with AWS to Power Universal Data Authorization

Since the discovery of this vulnerability, the Lightspin team contacted the AWS Security team to alert them of the findings. As of this writing, the vulnerability has since been remediated.

“It is nearly impossible for a company to have complete security control when a single app flaw can leave a door open to cyberattacks,” said Gafnit Amiga, Director of Research at Lightspin. “We believe in advanced research of managed services in order to enhance the product’s detection capabilities and to improve the resilience of the cloud providers for everyone.”

Recommended AI News: Gilead And AWS Collaborate On Development And Delivery Of New Medicines For Patients

[To share your insights with us, please write to sghosh@martechseries.com]

Comments are closed.