Privilege Escalation Vulnerability in Amazon AWS SSM Agent
CVE-2022-29527
Severity: 7 (HIGH)
What is CVE-2022-29527?
The Amazon AWS SSM Agent before version 3.1.1208.0 creates a world-writable sudoers file. This misconfiguration allows local attackers to inject malicious sudo rules, potentially leading to unauthorized privilege escalation to root. The issue arises only under specific conditions involving a race condition. Users should apply the latest security updates to mitigate the risk.
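The following host audit is an added example, not code from AWS or from this advisory. It flags an agent version older than the fixed release named above and lists sudoers files that are writable by "other". The function names are hypothetical, and the caller supplies the installed agent version and the sudoers locations to inspect (typically `/etc/sudoers` and `/etc/sudoers.d`).

```shell
#!/bin/sh
# Added example: audit a host for the condition described in CVE-2022-29527.
FIXED_VERSION="3.1.1208.0"   # first fixed release, taken from the advisory text

# version_lt A B: succeed if dotted version A is strictly lower than B.
version_lt() {
    [ "$1" = "$2" ] && return 1
    lowest=$(printf '%s\n%s\n' "$1" "$2" |
        sort -t. -k1,1n -k2,2n -k3,3n -k4,4n | head -n 1)
    [ "$lowest" = "$1" ]
}

# world_writable_sudoers PATH...: print regular files under each PATH
# (a sudoers file or include directory) that have the o+w bit set.
world_writable_sudoers() {
    for path in "$@"; do
        [ -e "$path" ] || continue
        find "$path" -maxdepth 1 -type f -perm -0002 2>/dev/null
    done
}

# audit AGENT_VERSION [PATH...]: return 0 if clean, 1 if anything is flagged.
audit() {
    version=$1; shift
    status=0
    if version_lt "$version" "$FIXED_VERSION"; then
        echo "FINDING: agent $version is older than $FIXED_VERSION"
        status=1
    fi
    hits=$(world_writable_sudoers "$@")
    if [ -n "$hits" ]; then
        echo "FINDING: world-writable sudoers files:"
        echo "$hits"
        status=1
    fi
    return $status
}
```

A flagged file should also be reviewed for rules that were not placed there by an administrator before its mode is corrected, since the write window may already have been used.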