VDB

GCVE-110-CLOUD-2025-0032

GCVE-110-CLOUD-2025-0032
Advisory Published
Vulnetix · Advisory published May 19, 2025
AWS's Account Assessment for AWS Organizations tool, designed to audit cross-account access, inadvertently introduced privilege escalation risks due to flawed deployment instructions. Customers were encouraged to deploy the tool in lower-sensitivity accounts, creating risky trust paths from insecure environments into highly sensitive ones. This could allow attackers to pivot from compromised development accounts into production and management accounts.

Affected Products

VendorProductVersionsPlatforms
AWSSSM
AWSSES

Browse GCVE Records

73,443 records in the GCVE database · Updated July 18, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›