TF 0436 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
The root user has complete access to all services and resources in an AWS account. AWS Access Keys provide programmatic access to a given account.
Property | Value |
---|---|
Language | |
Severity | |
Service | iam |
Provider | AWS |
Description
AWS access keys are assigned to the root user, allowing programmatic access with unrestricted permissions. This practice exposes the entire AWS account to risk if the credentials are leaked or compromised.
Impact
If the root user's access keys are compromised, an attacker gains full control over all AWS resources, enabling actions such as data theft, service disruption, or complete account takeover. This can lead to severe data loss, financial impact, and reputational damage.
Resolution
Use lower-privileged accounts instead, so that only the required privileges are available.
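One way to check an account for the condition described above is to read the root row of the IAM credential report (the CSV returned by `aws iam get-credential-report`). The script below is an added example, not the database's own check; the function name, the sample report, the account ID and the dates are constructed for illustration.

```python
import csv
import io

# Constructed sample in the credential report's CSV layout, trimmed to the
# columns this check reads. Account ID and dates are made up.
SAMPLE_REPORT = """\
user,arn,access_key_1_active,access_key_1_last_used_date,access_key_2_active,access_key_2_last_used_date
<root_account>,arn:aws:iam::111122223333:root,true,2024-03-01T09:14:00+00:00,false,N/A
deploy-bot,arn:aws:iam::111122223333:user/deploy-bot,true,2024-03-02T11:00:00+00:00,false,N/A
"""

ROOT_USER = "<root_account>"  # name the credential report gives the root user's row


def root_access_key_findings(report_csv):
    """Return one finding per active access key slot on the root user."""
    rows = list(csv.DictReader(io.StringIO(report_csv)))
    root_rows = [r for r in rows if r.get("user") == ROOT_USER]
    if not root_rows:
        # Fail closed: a report without a root row cannot show the account is clean.
        raise ValueError("credential report has no <root_account> row")
    findings = []
    for row in root_rows:
        for slot in (1, 2):  # an IAM identity has at most two access keys
            state = row.get(f"access_key_{slot}_active")
            if state is None:
                # Missing column or truncated row: refuse to report a pass.
                raise ValueError(f"access_key_{slot}_active missing from report")
            if state.strip().lower() == "true":
                findings.append({
                    "arn": row.get("arn") or "",
                    "key_slot": slot,
                    "last_used": row.get(f"access_key_{slot}_last_used_date") or "N/A",
                })
    return findings


if __name__ == "__main__":
    for f in root_access_key_findings(SAMPLE_REPORT):
        print(f"FAIL: root access key {f['key_slot']} is active on {f['arn']} "
              f"(last used {f['last_used']})")
```

Only the root row is evaluated, so active keys on ordinary IAM users such as `deploy-bot` in the sample do not trigger this finding.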