Severe Amazon ECR Public Gallery Flaw Could Have Facilitated Massive Supply Chain Attack
by Nathan Wasson, Tuesday, December 13, 2022, 04:30 PM EDT
A researcher at the cloud security company Lightspin recently discovered a flaw in the Amazon Web Services (AWS) Elastic Container Registry (ECR) Public Gallery that threat actors could have exploited to delete or modify container images with billions of downloads. Exploiting the flaw in this way would have constituted a massive supply chain attack with far-reaching effects. Fortunately, it seems that Amazon was able to fix the flaw before any threat actors managed to exploit it.
Amazon’s ECR Public Gallery is home to tens of thousands of publicly available container images, enabling organizations and individual users alike to download and launch containerized software. The top four images in this gallery each have over a billion downloads, and many more of the images have tens to hundreds of millions of downloads. The organizations and users that download popular images from this source rely on the security of the gallery, trusting that the images are stored and served without any meddling from threat actors.
Test container image missing after proof of concept exploit executed (source: Lightspin)
However, the Vice President of Security Research at Lightspin, Gafnit Amiga, discovered a vulnerability in the AWS ECR Public Gallery that threat actors could have exploited to tamper with any of the publicly available images. Within the main JavaScript file of the ECR Public Gallery, Amiga found a set of undocumented API actions for deleting or modifying container images. Although undocumented, these API actions were still active on the backend, meaning anyone who discovered them could invoke them for their own purposes, malicious or otherwise.
It took some tinkering and probing, but Amiga managed to create a Python script that invoked one of these undocumented API actions. The researcher then used this script to delete a test image created for this exercise, proving that the vulnerability could be exploited. Lightspin submitted this research and the proof of concept (PoC) to the AWS Security Outreach Team, which promptly notified the ECR Public team of the vulnerability. Together, the two teams fixed the vulnerability in under twenty-four hours.
AWS also searched its logs for any signs of abuse of the undocumented API actions and found nothing other than the researcher’s activity. Assuming this analysis didn’t miss any malicious activity, we can be assured that threat actors didn’t leverage the vulnerability to inject malicious payloads into any container images in the AWS ECR Public Gallery. In a security bulletin released by AWS, the company thanked Lightspin for reporting the vulnerability and said that the flaw is already fixed, requiring no customer action.
Nathan grew up with computer hardware news and reviews in the family business and eventually joined the business himself in 2014. He initially joined to make video reviews and help with the podcast, but was soon asked if he would write, and he's been writing about computers ever since. More recently, Nathan has developed a passion for internet privacy, security, and decentralization and likes writing about those topics the most. He spends much of his free time tinkering with Linux distributions, custom Android ROMs, privacy and security tools, and self-hosting solutions. He also started gaming on a PC at a young age and still can't give up Unreal Tournament 2004 and Supreme Commander 2. Beyond computers, Nathan is a car enthusiast and philosophy nerd.