Product
Adversaries may upload SSH public keys to AWS EC2 instances via the EC2 Instance Connect service using the `SendSSHPublicKey` or `SendSerialConsoleSSHPublicKey` API actions, which can serve as a mechanism for initial access, persistence, or privilege escalation, particularly if the `SendSerialConsoleSSHPublicKey` action is coupled with unauthorized serial console access.