github.com/aws/amazon-cloudwatch-agent is vulnerable to privilege escalation. On Windows, when a user triggers a repair of the Agent, a pop-up window opens with SYSTEM permissions, allowing an attacker with administrative access to create a new command prompt as NT AUTHORITY\SYSTEM, which leads to privilege escalation.
github.com/aws/amazon-cloudwatch-agent/commit/6119858864c317ff26f41f576c169148d1250837
github.com/aws/amazon-cloudwatch-agent/commit/6119858864c317ff26f41f576c169148d1250837#diff-76ed074a9305c04054cdebb9e9aad2d818052b07091de1f20cad0bbac34ffb52
github.com/aws/amazon-cloudwatch-agent/pull/543
github.com/aws/amazon-cloudwatch-agent/security/advisories/GHSA-j8x2-2m5w-j939