Severe Amazon ECR Public Gallery Flaw Could Have Facilitated Massive Supply Chain Attack
Amazon’s ECR Public Gallery hosts tens of thousands of publicly available container images, enabling organizations and individual users alike to download and launch containerized software. The top four images in the gallery each have over a billion downloads, and many more have tens to hundreds of millions. The organizations and users that pull popular images from this source rely on the security of the gallery itself, trusting that the images are stored and served exactly as their publishers pushed them, without any meddling from threat actors.
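One practical check that limits the blast radius of any registry-side tampering is to pull base images by immutable digest rather than by mutable tag, so a replaced image fails to match instead of silently being used. The script below is an added example written for this article, not Lightspin's or AWS's code: it scans a Dockerfile for `FROM` lines and flags every base image that is not pinned by a `sha256` digest. The sample Dockerfile, the image names and the digest value in it are constructed for illustration.

```python
"""Flag base images in a Dockerfile that are not pinned by digest.

Added example for this article (not code from Lightspin or AWS).
SAMPLE_DOCKERFILE and its digest value are constructed test data.
"""
import re

# FROM [--platform=<p>] <ref> [AS <stage>]
FROM_RE = re.compile(
    r"^\s*FROM\s+(?:--platform=\S+\s+)?(?P<ref>\S+)(?:\s+AS\s+(?P<stage>\S+))?\s*$",
    re.IGNORECASE,
)
DIGEST_RE = re.compile(r"^sha256:[0-9a-f]{64}$")

SAMPLE_DOCKERFILE = """\
FROM --platform=linux/amd64 public.ecr.aws/docker/library/python:3.11-slim AS builder
FROM public.ecr.aws/amazonlinux/amazonlinux:2023@sha256:0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
FROM builder
FROM scratch
FROM nginx
"""


def parse_reference(ref):
    """Split 'registry/repo:tag@sha256:...' into its parts.

    A ':' is treated as the tag separator only when it appears after the
    last '/', so a registry port such as localhost:5000/app is not mistaken
    for a tag. A reference with no registry component defaults to docker.io.
    """
    digest = None
    if "@" in ref:
        ref, digest = ref.split("@", 1)
    tag = None
    if ref.rfind(":") > ref.rfind("/"):
        ref, tag = ref.rsplit(":", 1)
    first = ref.split("/", 1)[0]
    if "/" in ref and ("." in first or ":" in first or first == "localhost"):
        registry, repo = first, ref.split("/", 1)[1]
    else:
        registry, repo = "docker.io", ref
    return {"registry": registry, "repo": repo, "tag": tag, "digest": digest}


def check_dockerfile(text):
    """Return one finding per FROM line whose base image cannot be trusted by digest."""
    findings = []
    stages = set()  # build stage names defined by earlier 'AS <name>' clauses
    for lineno, line in enumerate(text.splitlines(), 1):
        m = FROM_RE.match(line)
        if not m:
            continue
        ref = m.group("ref")
        if ref != "scratch" and ref.lower() not in stages:
            if "$" in ref:
                findings.append({"line": lineno, "ref": ref, "registry": None,
                                 "reason": "reference uses a build variable; cannot verify"})
            else:
                parts = parse_reference(ref)
                if parts["digest"] is None:
                    findings.append({"line": lineno, "ref": ref, "registry": parts["registry"],
                                     "reason": "not pinned by digest (tag %s is mutable)"
                                     % (parts["tag"] or "latest")})
                elif not DIGEST_RE.match(parts["digest"]):
                    findings.append({"line": lineno, "ref": ref, "registry": parts["registry"],
                                     "reason": "malformed digest %r" % parts["digest"]})
        if m.group("stage"):
            stages.add(m.group("stage").lower())
    return findings


if __name__ == "__main__":
    for f in check_dockerfile(SAMPLE_DOCKERFILE):
        print("line %d: %s: %s" % (f["line"], f["ref"], f["reason"]))
```

Run against the constructed sample, the script reports lines 1 and 5 (a tagged `public.ecr.aws` image and an untagged Docker Hub image) and accepts line 2, whose digest is pinned; `FROM builder` and `FROM scratch` are skipped because they do not pull anything from a registry. Pinning by digest does not stop a registry from serving a malicious image, but it makes the substitution fail loudly at pull time rather than run.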
It took some tinkering and probing, but Lightspin researcher Gafnit Amiga managed to write a Python script that invoked one of the undocumented API actions. The researcher then used this script to delete a test image created for the exercise, proving that the vulnerability could be exploited in practice. Lightspin submitted the research and the proof of concept (PoC) to the AWS Security Outreach Team, which promptly notified the ECR Public team of the vulnerability. Together, the two teams fixed it in under twenty-four hours.
AWS also searched its logs for any sign that the undocumented API actions had been abused and found nothing other than the researcher’s own activity. Provided that log review was complete, no threat actor used the vulnerability to inject malicious payloads into container images in the ECR Public Gallery. In a security bulletin, AWS thanked Lightspin for reporting the issue and stated that the flaw has already been fixed and that no customer action is required.
Top image courtesy of Tony Webster