H3-2024-0008

AWS Privilege Escalation - iam:UpdateAssumeRolePolicy

Category	SECURITY_MISCONFIGURATION
Base Score	7

Description

An AWS user or role assigned the iam:UpdateAssumeRolePolicy permission, that is not an administrator, can assume another role with more permissions.

Impact

This misconfiguration permits an AWS user to escalate permissions.

References

• UpdateAssumeRolePolicy - Documentation