Privilege Escalation Issue in Amazon ECS Leads to IAM Hijacking

A software developer discovered a way to abuse an undocumented protocol in Amazon’s Elastic Container Service to escalate privileges, cross boundaries, and gain access to other cloud resources.