ALL POSTS

Key Findings Eight validated attack vectors discovered across AWS Bedrock environments, spanning log manipulation, knowledge base compromise, agent hijacking, flow injection, guardrail degradation, and prompt poisoning Attack chains begin with low-level permissions and escalate to reach critical enterprise assets including Salesforce, SharePoint, Active Directory, and databases Knowledge bases and agents represent the highest-value targets due to their direct connectivity to

Key Findings * Researchers discovered a vulnerability in AWS Bedrock AgentCore Code Interpreter * DNS queries can be exploited to leak sensitive data from supposedly isolated AI systems * Vulnerability received a high-risk severity score of 7.5/10 * AWS responded by updating documentation instead of creating a full patch * Potential risks include data breaches and infrastructure compromise Background AWS Bedrock is a platform for building AI applications, with the AgentCore C