#ECScape
Researchers Uncover ECScape Flaw in Amazon ECS Enabling Cross-Task Credential Theft
thehackernews.com
August 6, 2025 at 11:33 PM
ECScape: When Containers Play ‘Capture the Flag’ with Your AWS Credentials!

ECScape: a privilege escalation chain in Amazon ECS lets attackers hijack cloud environments. Learn how to protect your data with expert insights and mitigation tips.
thenimblenerd.com?p=1052425
ECScape: When Containers Play ‘Capture the Flag’ with Your AWS Credentials!
Cybersecurity researchers have discovered an "end-to-end privilege escalation chain" in Amazon ECS, dubbed ECScape. This allows attackers to hijack IAM privileges, turning a low-privileged app into a cloud-pilfering ninja. Sweet Security's findings highlight the need for stronger isolation models to prevent such cloud chaos.
thenimblenerd.com
August 6, 2025 at 10:12 PM
📌 Researchers Uncover ECScape Flaw in Amazon ECS Allowing Privilege Escalation and Cloud Takeover https://www.cyberhub.blog/article/11230-researchers-uncover-ecscape-flaw-in-amazon-ecs-allowing-privilege-escalation-and-cloud-takeover
Researchers Uncover ECScape Flaw in Amazon ECS Allowing Privilege Escalation and Cloud Takeover
Researchers from Sweet Security have identified a critical privilege escalation vulnerability chain in Amazon Elastic Container Service (ECS), dubbed "ECScape." This flaw allows attackers to perform lateral movement, access sensitive data, and potentially take full control of the cloud environment. The vulnerability was presented by Naor Haziz and highlights significant risks in container orchestration security.

Amazon ECS is a widely used container management service that supports Docker containers. Privilege escalation vulnerabilities are particularly dangerous in cloud environments because they can lead to complete system compromise. ECScape is described as an end-to-end chain, suggesting it involves multiple steps or vulnerabilities that, when combined, allow attackers to escalate privileges beyond their intended access levels.

The technical implications of this vulnerability are severe. Attackers exploiting ECScape could gain unauthorized access to sensitive information stored within containers or the underlying infrastructure. Lateral movement capabilities mean that an initial compromise could spread across the cloud environment, affecting multiple services and data stores. The potential for full cloud environment takeover underscores the critical nature of this vulnerability, as it could lead to complete loss of control over the affected infrastructure.

The impact on the cybersecurity landscape is substantial. Cloud security is a cornerstone of modern IT infrastructure, and vulnerabilities in major services like AWS ECS can have wide-reaching consequences. This discovery may prompt organizations to reevaluate their container security strategies and implement additional safeguards against privilege escalation attacks. It also highlights the need for continuous monitoring and rapid patching in cloud environments.

For organizations using Amazon ECS, immediate action is recommended. Reviewing and tightening access controls, monitoring for unusual lateral movement, and applying any available patches from AWS are critical steps. Additionally, organizations should consider implementing network segmentation and least-privilege access principles to limit the potential impact of such vulnerabilities.

This vulnerability serves as a reminder of the evolving threat landscape in cloud security. As attackers become more sophisticated, organizations must remain vigilant and proactive in their security measures. Regular security assessments and penetration testing can help identify and mitigate similar vulnerabilities before they can be exploited.
www.cyberhub.blog
August 7, 2025 at 8:00 PM
ECScape: Exploiting ECS Protocol on EC2 to Exfiltrate Cross-Task IAM and Execution Role Credentials
A sophisticated technique dubbed “ECScape” allows malicious containers running on Amazon Elastic Container Service (ECS) to steal AWS credentials from other containers sharing the same EC2 instance. The discovery highlights critical isolation weaknesses in multi-tenant ECS deployments and underscores the security advantages of AWS Fargate’s micro-VM architecture.

The technique, developed by security researcher Naor Haziz, exploits an undocumented internal protocol between ECS agents and AWS’s control plane to exfiltrate IAM credentials across container boundaries. Unlike traditional container escape methods requiring host-level access, ECScape operates entirely within the container’s namespace while leveraging network manipulation to impersonate the ECS agent.

The attack begins when a compromised container accesses the Instance Metadata Service (IMDS) at 169.254.169.254 to obtain the EC2 instance’s IAM role credentials. These credentials, typically used by the ECS agent for legitimate operations, become the foundation for the subsequent impersonation attack.

Using the stolen instance credentials, attackers can discover the ECS control plane’s polling endpoint through the ecs:DiscoverPollEndpoint API and gather essential identifiers, including cluster ARNs and container instance ARNs. The malicious process then establishes a forged WebSocket connection to AWS’s Agent Communication Service (ACS), the internal channel through which ECS delivers task credentials to agents.

ECScape Attack Abuses ECS Protocol

By including the parameter sendCredentials=true in the WebSocket handshake, attackers can receive all IAM credentials for every task running on the shared EC2 instance. This includes both application role credentials and task execution role credentials, which often contain sensitive permissions for accessing AWS Secrets Manager, ECR repositories, and CloudWatch Logs.

ECScape demonstrates particularly concerning stealth characteristics, as stolen credentials function identically to legitimate ones. AWS CloudTrail logs attribute API calls to the victim task’s role rather than the attacking container, making initial detection extremely challenging.

The technique breaks fundamental assumptions about container isolation in ECS environments, allowing low-privileged tasks to assume the permissions of high-privileged containers on the same host. In demonstration environments, researchers showed how a container with deny-all IAM policies could successfully delete S3 buckets using stolen credentials from a neighboring task with S3 full access. The attack also enabled the extraction of sensitive secrets intended for other containers, effectively compromising the multi-tenant security model.

AWS reviewed the findings through their coordinated disclosure program but classified the behavior as a design consideration rather than a vulnerability. The company emphasized that containers sharing EC2 instances are implicitly part of the same trust domain unless users implement proper isolation measures.

Following the disclosure, AWS updated its documentation to explicitly warn that “tasks running on the same EC2 instance may potentially access credentials belonging to other tasks on that instance”. The company strongly recommends AWS Fargate for scenarios requiring stronger isolation guarantees.

Security experts recommend several mitigation strategies: disabling or restricting IMDS access for containers through network controls or the ECS_AWSVPC_BLOCK_IMDS setting, avoiding co-location of high-privilege and low-privilege tasks on shared instances, implementing least-privilege IAM policies for all task roles, and deploying comprehensive CloudTrail monitoring to detect unusual credential usage patterns.
Organizations running ECS on EC2 should treat each instance as a potential failure domain and consider migrating sensitive workloads to Fargate’s isolated micro-VM architecture for enhanced security boundaries.
cybersecuritynews.com
August 8, 2025 at 8:48 AM
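Added example (not from the article above, AWS, or Sweet Security): a Python audit for two of the mitigations that article lists, namely co-location of high- and low-privilege tasks on one EC2 container instance and the ECS_AWSVPC_BLOCK_IMDS agent setting. The task records, role names, the sensitive-role list and the ecs.config text are constructed sample data, and the function names are hypothetical.

```python
from collections import defaultdict

# Constructed sample data. Field names follow ECS task / task-definition
# attributes, flattened into one record per task for this example.
ROLE = "arn:aws:iam::111122223333:role/"
TASKS = [
    {"task": "web-1", "launchType": "EC2", "containerInstanceArn": "ci-A",
     "taskRoleArn": ROLE + "web-readonly", "executionRoleArn": ROLE + "ecs-exec"},
    {"task": "backup-1", "launchType": "EC2", "containerInstanceArn": "ci-A",
     "taskRoleArn": ROLE + "s3-full-access", "executionRoleArn": ROLE + "ecs-exec"},
    {"task": "web-2", "launchType": "EC2", "containerInstanceArn": "ci-B",
     "taskRoleArn": ROLE + "web-readonly", "executionRoleArn": None},
    {"task": "batch-1", "launchType": "EC2", "containerInstanceArn": "ci-B",
     "taskRoleArn": None, "executionRoleArn": None},
    {"task": "vault-1", "launchType": "FARGATE", "containerInstanceArn": None,
     "taskRoleArn": ROLE + "s3-full-access", "executionRoleArn": ROLE + "ecs-exec"},
]
SENSITIVE_ROLES = {ROLE + "s3-full-access"}  # operator-supplied list (assumption)
ECS_CONFIG = "ECS_CLUSTER=demo\nECS_AWSVPC_BLOCK_IMDS=false\n"  # constructed file text


def mixed_trust_instances(tasks, sensitive_roles):
    """Map each EC2 container instance where a task holding a sensitive task or
    execution role shares the host with tasks that hold none."""
    per_instance = defaultdict(dict)  # instance -> {task name: set of role ARNs}
    for t in tasks:
        if t["launchType"] != "EC2":
            continue  # Fargate tasks do not share an EC2 instance with other tasks
        roles = {r for r in (t["taskRoleArn"], t["executionRoleArn"]) if r}
        per_instance[t["containerInstanceArn"]][t["task"]] = roles
    findings = {}
    for inst, by_task in per_instance.items():
        holders = {n for n, roles in by_task.items() if roles & sensitive_roles}
        # A neighbour counts even if it has no role of its own.
        neighbours = set(by_task) - holders
        if holders and neighbours:
            findings[inst] = {"sensitive": sorted(holders),
                              "neighbours": sorted(neighbours)}
    return findings


def imds_blocked_for_awsvpc(ecs_config_text):
    """True only if the agent config explicitly sets ECS_AWSVPC_BLOCK_IMDS=true."""
    settings = {}
    for line in ecs_config_text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            settings[key.strip()] = value.strip().strip('"').lower()
    return settings.get("ECS_AWSVPC_BLOCK_IMDS") == "true"


if __name__ == "__main__":
    print(mixed_trust_instances(TASKS, SENSITIVE_ROLES))
    print("IMDS blocked for awsvpc tasks:", imds_blocked_for_awsvpc(ECS_CONFIG))
```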
They should put an asterix on those videos ecspecially for you so you can ecscape asterisk, especially, escape, exectera..
September 23, 2024 at 4:18 PM
📌 ECScape Vulnerability in Amazon ECS: Low-Privilege Containers Stealing High-Privilege Credentials https://www.cyberhub.blog/article/11184-ecscape-vulnerability-in-amazon-ecs-low-privilege-containers-stealing-high-privilege-credentials
ECScape Vulnerability in Amazon ECS: Low-Privilege Containers Stealing High-Privilege Credentials
A recently discovered vulnerability named ECScape in Amazon Elastic Container Service (ECS) allows low-privilege containers to steal high-privilege credentials. This vulnerability poses a significant threat to cloud environments, as it can lead to unauthorized access to critical resources. Although specific technical details about the vulnerability and its exploitation methods are not provided in the source article, the impact is clear: the compromise of high-privilege credentials can result in severe security breaches.

For cybersecurity professionals, this vulnerability underscores the importance of adhering to the principle of least privilege. Even in containerized environments, it is crucial to limit container privileges to only what is necessary for their function. Additionally, robust monitoring and logging of container activities can help detect any unusual behavior that might indicate an exploitation attempt.

The ECScape vulnerability could have a substantial impact on the cybersecurity landscape. Cloud environments are increasingly targeted by attackers, and vulnerabilities like this can provide them with a foothold to launch further attacks. Organizations must stay informed about such vulnerabilities and apply patches or mitigations promptly.

In terms of actionable intelligence, cybersecurity teams should review their ECS configurations to ensure that containers are running with the least privileges necessary. They should also monitor for any unusual activity that might indicate an attempt to exploit this vulnerability. Furthermore, staying updated with official AWS security bulletins and applying recommended mitigations is crucial.
www.cyberhub.blog
August 7, 2025 at 3:00 AM
ECScape: Understanding IAM Privilege Boundaries in Amazon ECS
L: https://www.sweet.security/blog/ecscape-understanding-iam-privilege-boundaries-in-amazon-ecs
C: https://news.ycombinator.com/item?id=44818501
posted on 2025.08.06 at 18:16:00 (c=0, p=4)
August 10, 2025 at 9:53 PM
ECScape: New AWS ECS flaw lets containers hijack IAM roles without breaking out
Naor Haziz’s discovery shows how a compromised container on EC2-backed ECS tasks can impersonate the ECS agent and steal IAM credentials from other tasks—without host access.
buff.ly
August 11, 2025 at 8:12 AM
ECScape: Understanding IAM Privilege Boundaries in Amazon ECS

This post is Part 2 of our educational series on Amazon ECS security. In Part 1 – Under the Hood of Amazon ECS on EC2, we explored how the ECS agent, IAM roles and the ECS control plane provide credentials to tasks. Here we’ll…
ECScape: Understanding IAM Privilege Boundaries in Amazon ECS
This post is Part 2 of our educational series on Amazon ECS security. In Part 1 – Under the Hood of Amazon ECS on EC2, we explored how the ECS agent, IAM roles and the ECS control plane provide credentials to tasks. Here we’ll demonstrate how those mechanisms can lead to a known risk when tasks with different privilege levels share the same EC2 host. This cross-task credential exposure highlights the inherent risks of relying on per-task IAM scoping and task execution boundaries when workloads share the same EC2 instance, and it underscores why…
n24usa.com
August 11, 2025 at 3:30 AM
Researchers Uncover ECScape Flaw in Amazon ECS Enabling Cross-Task Credential Theft

Cybersecurity researchers have demonstrated an "end-to-end privilege escalation chain" in Amazon Elastic Container Service (ECS) that could be exploited by an attacker to conduct lateral movement…

#hackernews #news
Researchers Uncover ECScape Flaw in Amazon ECS Enabling Cross-Task Credential Theft
Cybersecurity researchers have demonstrated an "end-to-end privilege escalation chain" in Amazon Elastic Container Service (ECS) that could be exploited by an attacker to conduct lateral movement, access sensitive data, and seize control of the cloud environment. The attack technique has been codenamed ECScape by Sweet Security researcher Naor Haziz, who presented the findings today at the
thehackernews.com
August 7, 2025 at 9:03 PM
Researchers Uncover ECScape Flaw in Amazon ECS Enabling Cross-Task Credential Theft Tech-Wire - Stay Updated with insights, trends, news and opinions on Technology, Digital Marketing, Education, an...

#Cyber #Security

Origin | Interest | Match
Researchers Uncover ECScape Flaw in Amazon ECS Enabling Cross-Task Credential Theft
Researchers Uncover ECScape Flaw in Amazon ECS Enabling Cross-Task Credential Theft Cybersecurity researchers have demonstrated an "end-to-end privilege escalation chain" in Amazon Elastic Container Service (ECS) that could be exploited by an attacker to conduct lateral movement, access sensitive data, and seize control of the cloud environment. The attack technique has been codenamed ECScape by Sweet Security researcher Naor Haziz, who presented the findings today at the Black Hat USA security conference that's being held in Las Vegas. "We identified a way to abuse an undocumented ECS internal protocol to grab AWS credentials belonging to other ECS tasks on the same EC2 instance," Haziz said in a report shared with The Hacker News. "A malicious container with a low‑privileged IAM [Identity and Access Management] role can obtain the permissions of a higher‑privileged container running on the same host." Amazon ECS is a fully-managed container orchestration service that allows ..
tech-wire.in
August 6, 2025 at 11:08 PM
August 10, 2025 at 10:00 PM
Moving goalposts? ECScape shows that on ECS malicious low privilege containers can obtain permissions of higher‑privileged container on the same host. AWS says it's an in-instance risk rather than a service bug, reaffirms the EC2 host as security boundary, updated guidance, issued no CVE or patch.
ECScape: Understanding IAM Privilege Boundaries in Amazon ECS
www.sweet.security
August 8, 2025 at 4:06 PM
ECScape: Understanding IAM Privilege Boundaries in Amazon ECS #devops #architecture
ECScape: Understanding IAM Privilege Boundaries in Amazon ECS
groups.google.com
August 7, 2025 at 6:11 PM
Researchers Uncover ECScape Flaw in Amazon ECS Enabling Cross-Task Credential Theft #cybersecurity #hacking #news #infosec #security #technology #privacy thehackernews.com/20...
August 7, 2025 at 11:48 AM
ECScape: Exploiting ECS Protocol on EC2 to Exfiltrate Cross-Task IAM and Execution Role Credentials A sophisticated technique dubbed “ECScape” that allows malicious containers running on Amazon...

#Cyber #Security #News #Vulnerabilities #Vulnerability […]

[Original post on cybersecuritynews.com]
cybersecuritynews.com
August 8, 2025 at 9:02 AM
ECScape exposes critical isolation flaws in Amazon ECS, enabling cross-task IAM credential theft. Learn how to protect your containers. #ECScape #AmazonECS #IAMVulnerabilities Link: thedailytechfeed.com/ecscape-expl...
August 8, 2025 at 3:57 PM
Amazon ECScape Flaw Enables Cross-Task AWS Credential Theft via ECS Internal Protocol A security researcher has uncovered a significant vulnerability in Amazon’s Elastic Container Service (ECS) t...

#Amazon #Cyber #Security #News #Cybersecurity #Cyber […]

[Original post on cyberpress.org]
August 8, 2025 at 10:21 AM
Under the Hood of Amazon ECS on EC2: Agents, IAM Roles, and Task Isolation
naorhaziz.com/posts/under-...
ECScape: Understanding IAM Privilege Boundaries in Amazon ECS naorhaziz.com/posts/ecscap...
Under the Hood of Amazon ECS on EC2: Agents, IAM Roles, and Task Isolation
When running containers on Amazon ECS using EC2 instances, there’s a lot happening under the hood on each host. Understanding these internals is crucial for operating ECS securely. In this first part ...
naorhaziz.com
August 29, 2025 at 8:06 AM
ECScape: The Amazon ECS Vulnerability That Lets Attackers Steal AWS Credentials from Neighboring…
What If I Told You One Rogue Container Could Hijack Others on the Same Server? Continue reading on InfoSec Write-ups »
infosecwriteups.com
August 8, 2025 at 6:23 AM