Lateral movement

Amazon ECS container runs as privileged


Amazon Elastic Container - ECS is a highly scalable, fast container management service that makes running, stopping, and managing containers on a cluster simple. A task definition defines your containers, which you use to run individual tasks or tasks within a service. It was detected that the ECS task definition {AwsEcsTaskDefinition} has 'privileged' parameter set to 'true' in container definition {AwsEcsTaskDefinition.ContainerDefinitions}. When the 'privileged' container parameter is set to 'true', the container is given elevated privileges on the host container instance (similar to the root user).
  • Recommended Mitigation

    It is recommended to remove elevated privileges from your ECS task definition.