Lateral movement

Privileged Role – Assume Role

Platform(s)
Compliance Frameworks

Brazilian General Data Protection (LGPD), CCM-CSA, CCPA, cis_8, CPRA, essential_8_au, iso_27001_2022, iso_27002_2022, Mitre ATT&CK, New Zealand Information Security Manual, NIST 800-171, NIST 800-53, PDPA, pipeda, UK Cyber Essentials

Description

An IAM Role is an identity with permission policies that determine what the identity can do in AWS. A role does not have any credentials (password or access keys) associated with it. Instead of being uniquely associated with one person, a role is intended to be assumable by anyone who needs it. The role {AwsIamRole} was found with permissive permissions that allows the user the ability to assume any role, temporarily granting them any privileges given to that role. By allowing an entity to assume any role on the account, an attacker may choose to assume a highly privileged role, which may lead to full account takeover.
Need help?

Get a free Security Risk Assessment. Start today

A screenshot of the Orca platform dashboard summarizing all of your cloud security risks

Personalized Demo

See Orca Security in Action

Gain visibility, achieve compliance, and prioritize risks with the Orca Cloud Security Platform.

Get a Demo