high

Security Flaw in AWS Transit Gateway Peering Attachments

Published Thu, Sep 12th, 2024
Platforms

Summary

A security flaw in AWS Transit Gateway Peering attachments allowed unauthorized acceptance of peering requests between regions. The exploit bypassed the approval step, granting potential unauthorized access to networks. AWS patched the issue on August 7, 2024, after being notified on July 25, 2024.

Affected Services

Transit Gateway

Remediation

Use service control policies (SCPs) to deny the AcceptTransitGatewayPeeringAttachment API call in accounts that should not accept peering requests, or use organization-ID-based policy conditions to cover the entire organization.

Tracked CVEs

No tracked CVEs

References

Entry Status
Stub (AI-Generated)
Disclosure Date
Thu, Jul 25th, 2024
Exploitability Period
Until 2024/08/07
Known ITW Exploitation
-
Detection Methods
Monitor CloudTrail logs for AcceptTransitGatewayPeeringAttachment API calls made by principals from external or unexpected accounts. Alert on unexpected state changes in Transit Gateway peering attachments.
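The following is an added example covering both the remediation and the detection entries above; it is not part of the original entry and not code from AWS or the discoverer. It builds a deny-by-default SCP for ec2:AcceptTransitGatewayPeeringAttachment keyed on the standard aws:PrincipalAccount condition, and runs a simple CloudTrail check that flags acceptances made by a caller outside an allow-list or by a caller whose account differs from the account the event was delivered to. All account IDs, the attachment ID and the sample CloudTrail records are constructed placeholders.

```python
import json

# Constructed placeholders (not from the original entry): replace with your own IDs.
TRUSTED_NETWORK_ACCOUNT = "111111111111"
TRUSTED_ACCOUNTS = {TRUSTED_NETWORK_ACCOUNT}


def build_scp(allowed_accounts):
    """Build an SCP that denies ec2:AcceptTransitGatewayPeeringAttachment for every
    principal in the organization except the listed accounts. aws:PrincipalAccount
    is a standard global condition key."""
    return {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Sid": "DenyTgwPeeringAcceptOutsideNetworkAccounts",
                "Effect": "Deny",
                "Action": "ec2:AcceptTransitGatewayPeeringAttachment",
                "Resource": "*",
                "Condition": {
                    "StringNotEquals": {"aws:PrincipalAccount": sorted(allowed_accounts)}
                },
            }
        ],
    }


def scp_denies_accept(policy, principal_account):
    """Evaluate the Deny statement(s) in the policy for one principal account.
    Returns True when the SCP would block the accept call for that account."""
    for stmt in policy["Statement"]:
        if stmt["Effect"] != "Deny":
            continue
        actions = stmt["Action"] if isinstance(stmt["Action"], list) else [stmt["Action"]]
        if "ec2:AcceptTransitGatewayPeeringAttachment" not in actions:
            continue
        allowed = stmt.get("Condition", {}).get("StringNotEquals", {}).get("aws:PrincipalAccount", [])
        if principal_account not in allowed:
            return True
    return False


def flag_untrusted_acceptances(events, trusted_accounts):
    """Return the CloudTrail records for AcceptTransitGatewayPeeringAttachment whose
    caller is outside trusted_accounts or differs from recipientAccountId (the
    account the event was delivered to)."""
    findings = []
    for ev in events:
        if ev.get("eventSource") != "ec2.amazonaws.com":
            continue
        if ev.get("eventName") != "AcceptTransitGatewayPeeringAttachment":
            continue
        caller = ev.get("userIdentity", {}).get("accountId")
        owner = ev.get("recipientAccountId")
        if caller not in trusted_accounts or caller != owner:
            findings.append({
                "eventTime": ev.get("eventTime"),
                "awsRegion": ev.get("awsRegion"),
                "callerAccount": caller,
                "recipientAccount": owner,
                # key name inside requestParameters is assumed for this sample
                "attachmentId": ev.get("requestParameters", {}).get("TransitGatewayAttachmentId"),
            })
    return findings


# Constructed sample CloudTrail records (not real log data).
SAMPLE_EVENTS = [
    {   # legitimate acceptance performed by the networking account itself
        "eventTime": "2024-08-01T10:00:00Z", "eventSource": "ec2.amazonaws.com",
        "eventName": "AcceptTransitGatewayPeeringAttachment", "awsRegion": "us-east-1",
        "userIdentity": {"accountId": "111111111111"}, "recipientAccountId": "111111111111",
        "requestParameters": {"TransitGatewayAttachmentId": "tgw-attach-0example00000001"},
    },
    {   # acceptance recorded in the networking account but made by an unknown account
        "eventTime": "2024-08-01T10:05:00Z", "eventSource": "ec2.amazonaws.com",
        "eventName": "AcceptTransitGatewayPeeringAttachment", "awsRegion": "eu-west-1",
        "userIdentity": {"accountId": "333333333333"}, "recipientAccountId": "111111111111",
        "requestParameters": {"TransitGatewayAttachmentId": "tgw-attach-0example00000002"},
    },
    {   # the peering request itself, not an acceptance: ignored by the check
        "eventTime": "2024-08-01T09:55:00Z", "eventSource": "ec2.amazonaws.com",
        "eventName": "CreateTransitGatewayPeeringAttachment", "awsRegion": "eu-west-1",
        "userIdentity": {"accountId": "333333333333"}, "recipientAccountId": "333333333333",
        "requestParameters": {},
    },
]

if __name__ == "__main__":
    print(json.dumps(build_scp(TRUSTED_ACCOUNTS), indent=2))
    for finding in flag_untrusted_acceptances(SAMPLE_EVENTS, TRUSTED_ACCOUNTS):
        print("ALERT:", finding)
```

The SCP only constrains principals inside your own organization, so it limits which of your accounts can accept a peering request; the CloudTrail check covers the case the entry describes, where an acceptance appears without having been made by the expected owner.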
Piercing Index Rating
-
Discovered by
James Sheard, DoiT