Overly Permissive File Permissions in AWS CLI Affects Unix-like Systems
CVE-2026-13769

6.8 MEDIUM

Key Information:

Vendor

AWS

Status
Vendor
CVE Published:
1 July 2026

What is CVE-2026-13769?

The AWS Command Line Interface (CLI) on Unix-like systems, in versions prior to 1.44.78 (v1) and 2.34.29 (v2), exhibits overly permissive file permissions when the umask setting is not properly configured. This can allow other local users on the same host to access sensitive credentials generated by specific CLI subcommands such as aws codeartifact login, aws iam create-virtual-mfa-device, and aws deploy register. Users are strongly advised to upgrade to version 1.44.78 (v1) or 2.34.29 (v2), or later, to mitigate this risk and protect their credentials.
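The umask dependence described above, shown as an added example (this is not AWS CLI code): a plain open() inherits its mode from the process umask, while an explicit 0o600 at creation does not, and exposed() lists regular files that carry any group/other permission bits. The function names, file names and secret string are constructed for illustration.

```python
import os
import stat
import tempfile

def write_default(path, data):
    # Mode is 0o666 & ~umask, so umask 022 yields a world-readable 0o644 file.
    with open(path, "w") as f:
        f.write(data)

def write_private(path, data):
    # Owner-only mode fixed at creation; O_EXCL refuses a pre-existing file.
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "w") as f:
        f.write(data)

def mode_of(path):
    return stat.S_IMODE(os.lstat(path).st_mode)

def exposed(root):
    """Return (path, mode) for regular files under root with group/other bits."""
    hits = []
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if stat.S_ISREG(st.st_mode) and stat.S_IMODE(st.st_mode) & 0o077:
                hits.append((path, oct(stat.S_IMODE(st.st_mode))))
    return sorted(hits)

def demo(umask):
    """Write a constructed secret both ways under the given umask."""
    old = os.umask(umask)
    try:
        with tempfile.TemporaryDirectory() as d:
            loose = os.path.join(d, "token_default")   # constructed name
            tight = os.path.join(d, "token_private")   # constructed name
            write_default(loose, "constructed-secret")
            write_private(tight, "constructed-secret")
            flagged = [os.path.basename(p) for p, _ in exposed(d)]
            return mode_of(loose), mode_of(tight), flagged
    finally:
        os.umask(old)

if __name__ == "__main__":
    for um in (0o022, 0o077):
        loose, tight, flagged = demo(um)
        print(f"umask {um:03o}: open()={loose:03o} os.open(0o600)={tight:03o} flagged={flagged}")
```

To audit a host, call exposed() on the directory where your tooling stores credentials and tighten anything it reports with chmod 600.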

Affected Version(s)

AWS CLI 0 <= 1.44.77

AWS CLI 0 <= 2.34.28

CVSS V4

Score:
6.8
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved