Lateral movement

Amazon ECS container runs as privileged

Compliance Frameworks
  • AWS Foundational Security Best Practices Controls
  • ,
  • Mitre ATT&CK


Amazon Elastic Container - ECS is a highly scalable, fast container management service that makes running, stopping, and managing containers on a cluster simple. A task definition defines your containers, which you use to run individual tasks or tasks within a service. It was detected that the ECS task definition {AwsEcsTaskDefinition} has 'privileged' parameter set to 'true' in container definition {AwsEcsTaskDefinition.ContainerDefinitions}. When the 'privileged' container parameter is set to 'true', the container is given elevated privileges on the host container instance (similar to the root user).