Rhino Security Labs

Strategic & Technical Blog

CVE-2022-25165:
Privilege Escalation to SYSTEM in AWS VPN Client

David Yesland
April 12, 2022

The AWS VPN Client application is affected by an arbitrary file write as SYSTEM, which can lead to privilege escalation and an information disclosure vulnerability that allows the user’s Net-NTLMv2 hash to be leaked via a UNC path in a…

CVE-2021-38112:
AWS WorkSpaces Remote Code Execution

Cloud Malware:
Resource Injection in CloudFormation Templates

Downloading and Exploring AWS EBS Snapshots

Ryan Gerstenkorn

AWS EBS snapshots are static backups of AWS EBS volumes. In other words, they are copies of the disks attached to an EC2 Instance at a specific point in time. EBS snapshots can be copied across regions and accounts, or even downloaded and…