Critical AWS Ops Wheel Flaws Enable Admin Takeover via JWT Forgery and Cognito Abuse
AWS disclosed two severe vulnerabilities in AWS Ops Wheel that can let attackers seize administrative control of deployments and manipulate tenant data. CVE-2026-6911 is an authentication bypass caused by missing JWT signature verification at the API Gateway endpoint, allowing unauthenticated attackers to forge tokens and gain unintended admin access. AWS said successful exploitation could let attackers read, modify, and delete application data across tenants and manage Cognito user accounts in the deployment's User Pool; the flaw is tracked as CWE-347 and carries a critical CVSS v3.1 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H rating.
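The gap behind CVE-2026-6911 is the difference between decoding a JWT and verifying it. The block below is an added illustration, not Ops Wheel code and not the actual patch: `decode_only` mirrors the vulnerable pattern and `verify_token` the hardened one. It assumes HS256 with a shared key in place of Cognito's RS256 so it runs offline with the standard library; the issuer URL, client id, clock value and both test tokens are constructed.

```python
import base64, hashlib, hmac, json

# HS256 with a shared key stands in for Cognito's RS256 so this runs offline;
# the decode-versus-verify lesson and the claim checks are the same either way.
ISSUER = "https://cognito-idp.us-east-1.amazonaws.com/us-east-1_EXAMPLE"  # constructed pool id
CLIENT_ID = "example-app-client-id"                                        # constructed
ISSUER_KEY = b"issuer-secret-constructed-for-this-demo"
NOW = 1_800_000_000  # fixed clock so the example is deterministic

def _b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def _b64url_encode(b: bytes) -> str:
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode()

def sign_token(claims: dict, key: bytes) -> str:
    """Issue a compact HS256 token (plays the issuer's role in this example)."""
    header = _b64url_encode(b'{"alg":"HS256","typ":"JWT"}')
    payload = _b64url_encode(json.dumps(claims).encode())
    sig = hmac.new(key, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url_encode(sig)}"

def decode_only(token: str) -> dict:
    """The vulnerable pattern: reads the claims without checking who signed them."""
    return json.loads(_b64url_decode(token.split(".")[1]))

def verify_token(token: str, key: bytes, now: float) -> dict:
    """The hardened pattern: signature first, then issuer, audience, token_use, expiry."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("malformed token")
    header_b64, payload_b64, sig_b64 = parts
    if json.loads(_b64url_decode(header_b64)).get("alg") != "HS256":
        raise ValueError("unexpected alg")  # the token never gets to choose the algorithm
    expected = hmac.new(key, f"{header_b64}.{payload_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(sig_b64)):
        raise ValueError("bad signature")
    claims = json.loads(_b64url_decode(payload_b64))
    if claims.get("iss") != ISSUER or claims.get("aud") != CLIENT_ID:
        raise ValueError("wrong issuer or audience")
    if claims.get("token_use") != "id" or claims.get("exp", 0) <= now:
        raise ValueError("wrong token_use or expired")
    return claims

BASE = {"iss": ISSUER, "aud": CLIENT_ID, "token_use": "id", "exp": NOW + 3600}
GOOD = sign_token({**BASE, "custom:deployment_admin": "false"}, ISSUER_KEY)
# Constructed test token: carries the admin claim but is signed with a key the issuer never held.
WRONG_KEY = sign_token({**BASE, "custom:deployment_admin": "true"}, b"not-the-issuer-key")
```

Pass `time.time()` as `now` in real use; the decode-only path accepts `WRONG_KEY` as an admin while the verifying path rejects it.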
AWS also fixed CVE-2026-6912, a privilege-escalation issue in Ops Wheel's Cognito User Pool configuration that let authenticated users promote themselves to deployment administrator by setting the custom:deployment_admin attribute through the UpdateUserAttributes API. The bug, classified as CWE-915, exposed the same ability to manage Cognito user accounts and carried a high-severity CVSS v3.1 AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H score. AWS directed customers to redeploy from the updated repository and apply the fixes to any forked or derivative code, with patches referenced in an AWS security bulletin, a GitHub pull request, and a GitHub security advisory.
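For CVE-2026-6912 the weak setting is an app client whose WriteAttributes include the admin attribute, which is what lets a signed-in user set it on their own account through UpdateUserAttributes. The following is an added example, not Ops Wheel code: it audits app-client descriptions in the shape DescribeUserPoolClient returns and produces the corrected WriteAttributes list. All client ids and attribute lists are constructed.

```python
# Input shape follows CognitoIdentityProvider DescribeUserPoolClient; every value is constructed.
PRIVILEGED_ATTRS = {"custom:deployment_admin"}  # attributes whose value grants privilege

SAMPLE_CLIENTS = [
    {   # weak: a signed-in user may write the admin flag on themselves via UpdateUserAttributes
        "ClientId": "web-client-constructed",
        "ReadAttributes": ["email", "custom:deployment_admin"],
        "WriteAttributes": ["email", "name", "custom:deployment_admin"],
    },
    {   # corrected: the flag stays readable but is only settable server-side (AdminUpdateUserAttributes)
        "ClientId": "api-client-constructed",
        "ReadAttributes": ["email", "custom:deployment_admin"],
        "WriteAttributes": ["email", "name"],
    },
]

def self_writable_privileged(client: dict) -> list:
    """Privileged attributes this app client lets the user set on their own account."""
    return sorted(a for a in client.get("WriteAttributes", []) if a in PRIVILEGED_ATTRS)

def audit(clients: list) -> dict:
    """Map ClientId -> offending attributes; an empty dict means nothing to fix."""
    return {c["ClientId"]: found for c in clients if (found := self_writable_privileged(c))}

def hardened_write_attributes(client: dict) -> list:
    """The WriteAttributes list to apply with UpdateUserPoolClient: unchanged minus privileged."""
    return [a for a in client.get("WriteAttributes", []) if a not in PRIVILEGED_ATTRS]
```

In a real account, feed it the UserPoolClient object of every app client on the pool and apply the corrected list with UpdateUserPoolClient, passing the client's other settings along as well, since that call resets settings it does not receive to their defaults.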
Timeline
Apr 24, 2026
CVE-2026-6911 and CVE-2026-6912 are publicly recorded
On April 24, 2026, CVE records were published for two AWS Ops Wheel vulnerabilities: CVE-2026-6911, an authentication bypass via missing JWT signature verification, and CVE-2026-6912, a privilege-escalation flaw involving a self-writable Cognito custom attribute. The disclosures described potential impact including cross-tenant data access and Cognito user account management.
Apr 24, 2026
AWS fixes two privilege flaws in AWS Ops Wheel before pull request #165
AWS released updated AWS Ops Wheel code addressing two issues: missing JWT signature verification that allowed unauthenticated admin access, and a Cognito custom attribute misconfiguration that allowed authenticated users to escalate to deployment administrator. AWS advised customers to redeploy from the updated repository and patch any forked or derivative code.
Related Stories

AWS Research and Engineering Studio Flaws Enable Root Command Execution and AWS Privilege Escalation
AWS disclosed two high-severity vulnerabilities in **Research and Engineering Studio (RES)** that affect releases from `2025.03` through versions prior to `2026.03`. The first, **`CVE-2026-5707`**, is a `CWE-78` command injection flaw in virtual desktop session name handling that could let a remote authenticated attacker execute arbitrary commands as **root** on a virtual desktop host by supplying a crafted session name. The issue carries a CVSS v3.1 rating of `AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H`, reflecting high impact across confidentiality, integrity, and availability. AWS also disclosed **`CVE-2026-5708`**, a `CWE-915` privilege-escalation flaw in the RES `CreateSession` API caused by improper control of user-modifiable attributes. An authenticated attacker could use a crafted API request to escalate privileges, assume the virtual desktop host instance profile permissions, and access AWS resources and services. AWS directed customers to upgrade to **RES `2026.03`** or apply the vendor mitigation patch, with details published through an AWS security bulletin, a GitHub issue, and the RES `2026.03` release notes.
2 weeks ago
Windows Admin Center flaws exposed hybrid Azure and on-prem environments to takeover
Researchers disclosed multiple vulnerabilities in Microsoft **Windows Admin Center (WAC)** that could let attackers compromise hybrid environments spanning **Azure** and on-premises infrastructure. Cymulate said one exploit chain enabled **unauthenticated, one-click remote code execution** when a victim visited a malicious URL, combining response-based cross-site scripting, insecure redirect handling, and insecure credential storage to steal credentials, run arbitrary **PowerShell** commands, and capture Azure tokens. The issues affected both Azure-integrated and on-prem deployments, with the most severe risk falling on self-managed on-prem WAC instances that could be used to execute commands on managed servers and pivot into cloud resources. Additional flaws presented at Black Hat Asia were tracked as **`CVE-2025-64669`**, **`CVE-2026-20965`**, **`CVE-2026-23660`**, and **`CVE-2026-32196`**, including a non-write-protected on-prem WAC directory and weaknesses in proof-of-possession token validation that could allow token reuse or forgery and takeover of tenant VMs. Microsoft said Azure-managed instances received server-side fixes after responsible disclosure, and the company has patched the broader set of vulnerabilities with no evidence of active exploitation. Researchers urged organizations to update on-prem WAC immediately, remove outdated exposed instances, and treat both cloud and on-prem management planes as **tier-zero assets** because WAC can serve as a bidirectional path between the two environments.
1 week ago
AWS CodeBuild Webhook Filter Misconfiguration Enabled Potential Takeover of AWS GitHub Repositories
Security researchers at **Wiz** disclosed a critical **AWS CodeBuild** misconfiguration (dubbed **CodeBreach**) that could have enabled unauthenticated attackers to trigger CI builds from untrusted pull requests, access the build environment, and exfiltrate privileged credentials such as **GitHub admin tokens**. With those tokens, an attacker could have pushed malicious commits into AWS-managed open-source repositories—creating a high-impact **software supply chain** pathway that could have cascaded into widespread compromise, including risk to dependencies like the **AWS JavaScript SDK** and potentially components used by the **AWS Console** itself. AWS was notified on **2025-08-25** and remediated the issue in **September 2025**. The root cause was described as a weakness in CodeBuild’s webhook filtering logic intended to restrict which events/users can trigger builds; affected repositories used an `ACTOR_ID` regex filter that omitted the `^` and `$` anchors, allowing bypass of the intended match constraints. Reported impacted AWS-managed GitHub repositories included `aws-sdk-js-v3`, `aws-lc`, `amazon-corretto-crypto-provider`, and `awslabs/open-data-registry`, all configured to run builds on pull requests. Separate reporting on abuse of **self-hosted GitHub Actions runners** as backdoors (including the **Shai-Hulud** worm technique) is related at a thematic CI/CD level but does not describe the CodeBuild misconfiguration or the AWS repository takeover scenario.
1 month ago