Our research shows it's possible to break the isolation in Amazon Bedrock AgentCore's sandbox usi...

Summary

Security researchers have disclosed a vulnerability in Amazon Bedrock AgentCore that allows attackers to break out of the sandbox isolation using DNS tunneling techniques to bypass network controls. The exploit enables data exfiltration and command-and-control (C2) communication, posing a significant risk to AI agent deployments on AWS. This research highlights critical gaps in the isolation mechanisms protecting generative AI workloads in managed cloud services.

Entities