{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/products/ecs-agent-for-windows/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[],"_cs_exploited":false,"_cs_products":["ECS Agent for Windows"],"_cs_severities":["high"],"_cs_tags":["command injection","privilege escalation","cloud"],"_cs_type":"advisory","_cs_vendors":["Amazon"],"content_html":"\u003cp\u003eAmazon ECS Agent for Windows is susceptible to a command injection vulnerability within the FSx Windows File Server volume mounting process. This flaw, present in versions 1.47.0 through 1.102.2, allows a remote, authenticated attacker with the ability to register ECS task definitions or write to the Secrets Manager or SSM Parameter Store credentials used by the FSx volume configuration to execute arbitrary shell commands with SYSTEM privileges on the host. This is achieved through the use of specially crafted credentials within the ECS task definition, specifically the username field. Successful exploitation of this vulnerability could lead to complete compromise of the ECS Windows worker instance. The vulnerability was addressed in ECS agent version 1.103.0. ECS on Fargate is not affected.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn attacker gains access to an AWS account with permissions to register ECS task definitions or write to Secrets Manager or SSM Parameter Store.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a malicious ECS task definition. This definition includes an FSx Windows File Server volume configuration with a specially crafted username field containing a command injection payload.\u003c/li\u003e\n\u003cli\u003eThe attacker registers the crafted task definition with the ECS service using \u003ccode\u003eecs:RegisterTaskDefinition\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eWhen ECS attempts to mount the FSx volume, it retrieves the credentials from Secrets Manager or SSM Parameter Store.\u003c/li\u003e\n\u003cli\u003eDue to improper input validation, the command injection payload within the username field is executed by the Amazon ECS Agent for Windows.\u003c/li\u003e\n\u003cli\u003eThe malicious command is executed with SYSTEM privileges on the underlying host.\u003c/li\u003e\n\u003cli\u003eThe attacker leverages the SYSTEM privileges to install malware, exfiltrate data, or perform other malicious activities.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this vulnerability allows a remote attacker to execute arbitrary commands with SYSTEM privileges on the affected ECS Windows worker instance. This could lead to complete system compromise, including data theft, malware installation, and denial of service. The scope of impact is limited to ECS Windows worker instances running vulnerable versions (1.47.0 through 1.102.2). ECS on Fargate is not affected.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to ECS agent version 1.103.0 or later on all ECS Windows worker instances to remediate the vulnerability.\u003c/li\u003e\n\u003cli\u003eRestrict \u003ccode\u003eecs:RegisterTaskDefinition\u003c/code\u003e permissions to trusted IAM principals only to limit the ability to register malicious task definitions.\u003c/li\u003e\n\u003cli\u003eRestrict write access to Secrets Manager secrets and SSM Parameter Store parameters referenced in FSx volume configurations.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-07T01:22:45Z","date_published":"2026-05-07T01:22:45Z","id":"/briefs/2024-01-09-amazon-ecs-agent-vuln/","summary":"Amazon ECS Agent for Windows versions 1.47.0 through 1.102.2 are vulnerable to command injection via specially crafted credentials in the FSx Windows File Server volume mounting process, potentially allowing a remote authenticated attacker to execute shell commands with SYSTEM privileges.","title":"Amazon ECS Agent for Windows Vulnerable to Command Injection","url":"https://feed.craftedsignal.io/briefs/2024-01-09-amazon-ecs-agent-vuln/"}],"language":"en","title":"CraftedSignal Threat Feed — ECS Agent for Windows","version":"https://jsonfeed.org/version/1.1"}