writeups.xyz / How Abusing AWS CloudFormation Led to a Total Takeover of an AWS Environment

Submitter : c2a

Date: 2 July 2023

Bounty : undisclosed

Vulnerabilities :

• Cloud
• Information Disclosure
• Privilege Escalation
• Account Takeover

Programs :

• Undisclosed

Authors :

• Matthew Keeley (@Nightbanes)

Link :
https://blog.prodefense.io/how-abusing-aws-cloudformation-led-to-a-total-takeover-of-an-aws-environment-7f94cabd671d