🟠 High | Source: AWS Security Bulletins
A vulnerability in the AWS CLI for Unix-like systems allowed credential and configuration files to be written with world-readable permissions, meaning any local user on the same host could read another user’s AWS credentials. This affects all AWS CLI v1 versions up to and including 1.44.77 and v2 versions up to and including 2.34.28. On multi-user systems, this could lead to credential theft and unauthorised access to AWS environments.
Security Architect's Take: Immediately upgrade to AWS CLI v1.44.78 or v2.34.29 or later on all Unix-like systems, and audit shared or multi-tenant hosts for any exposed credential files using 'find ~ -name credentials -perm /o+r'. As a compensating control, enforce a restrictive umask (e.g. 0077) in user profiles and baseline AMIs to prevent world-readable file creation.
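As an added example (not from the AWS bulletin or the AWS CLI project), the shell helper below performs the audit described above across every home directory under one root, flags any AWS CLI credentials or config file whose mode grants group or other access, remediates a flagged file, and checks whether the umask compensating control is in effect. It assumes the standard $HOME/.aws/credentials and $HOME/.aws/config layout and either GNU or BSD stat.

```shell
#!/bin/sh
# Audit helper for the AWS CLI credential-file permission issue.
# Assumption: each user's home directory sits directly under ROOT (default /home)
# and the AWS CLI files live at <home>/.aws/credentials and <home>/.aws/config.

# Print "<octal mode> <path>" for every credentials/config file under ROOT that
# is readable or writable by group or other. Returns 0 when every file is
# owner-only (0600 or tighter), 1 when at least one file is exposed.
audit_aws_files() {
    root="${1:-/home}"
    rc=0
    for f in "$root"/*/.aws/credentials "$root"/*/.aws/config; do
        [ -f "$f" ] || continue
        # GNU stat prints the mode as e.g. 644; BSD/macOS stat needs -f '%Lp'
        mode=$(stat -c '%a' "$f" 2>/dev/null || stat -f '%Lp' "$f")
        # Leading 0 makes the shell parse the mode as octal; 077 masks off the
        # owner bits, so any remaining bit means group or other has access.
        if [ $(( 0$mode & 077 )) -ne 0 ]; then
            printf '%s %s\n' "$mode" "$f"
            rc=1
        fi
    done
    return $rc
}

# Remediate a single exposed file: owner read/write only.
fix_aws_file() {
    chmod 600 "$1"
}

# Compensating control: true when the current umask clears every group/other
# bit (0077 octal is 63 decimal), so newly written files are owner-only.
umask_is_restrictive() {
    [ $(( $(umask) & 077 )) -eq 63 ]
}
```

Run audit_aws_files as root on a shared host to cover all home directories; run it unprivileged with "$HOME/.." or a single user's parent directory to check only what you can read.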
Original advisory: CVE-2026-13769 – Insecure file permissions in AWS CLI