Cybersecurity experts have identified hazardous default identity and access management (IAM) roles affecting Amazon Web Services that may enable adversaries to elevate privileges, alter other AWS services, and, in certain instances, even completely take over AWS accounts.
“These roles, frequently generated automatically or suggested during the configuration process, provide excessively wide permissions, such as complete S3