Create aws-ec2-autoscaling-privilege-escalation-vulnerability (#408)

* Create aws-ec2-autoscaling-privilege-escalation-vulnerability

* Update aws-ec2-autoscaling-privilege-escalation-vulnerability

---------

Co-authored-by: Amitai Cohen <[email protected]>

Author: mer-b

vulnerabilities/aws-ec2-autoscaling-privilege-escalation-vulnerability

@@ -0,0 +1,29 @@
+title: AWS EC2 Autoscaling Privilege Escalation Vulnerability
+slug: aws-ec2-autoscaling-privilege-escalation-vulnerability
+cves: null
+affectedPlatforms:
+  - AWS
+affectedServices:
+  - Amazon EC2 Autoscaling
+image: https://images.unsplash.com/photo-1584986152939-01133e0d31a2?ixlib=rb-1.2.1&ixid=MnwxMjA3fDB8MHxwaG90by1wYWdlfHx8fGVufDB8fHx8&auto=format&fit=crop&w=1173&q=80
+severity: High
+discoveredBy:
+  name: Shubham Agrawal
+  org: FINRA
+  domain: finra.org
+  twitter: null
+publishedAt: 2023/02/14
+disclosedAt: 2022/08/11
+exploitabilityPeriod: Until 2022/09/09
+knownITWExploitation: false
+summary: |
+  A privilege escalation vulnerability in Amazon EC2 Autoscaling was identified. The CreateLaunchConfiguration action lacked PassRole validation, allowing users to launch EC2 instances with unauthorized roles. AWS fixed the issue for both CreateLaunchConfiguration and CreateAutoScalingGroup actions, implementing proper PassRole validation when using the instance-id option.
+manualRemediation: |
+  None required. AWS has deployed fixes worldwide for both affected actions.
+detectionMethods: |
+  Monitor for unexpected EC2 instance launches or unusual role assignments in Autoscaling groups. Review CloudTrail logs for suspicious CreateLaunchConfiguration or CreateAutoScalingGroup API calls.
+contributor: https://github.com/ramimac
+entryStatus: Finalized
+references:
+  - https://www.finra.org/about/technology/blog/finra-security-engineer-finds-privilege-escalation-in-amazon
+  - https://medium.com/@shubham.agarawal95/bypassing-the-passrole-validation-in-amazon-ec2-autoscaling-be2471d27910