
Our research reveals "Agent God Mode" in Amazon Bedrock AgentCore. Overly broad IAM permissions a...

Amazon Bedrock AgentCore contains a privilege escalation vulnerability called 'Agent God Mode' that allows compromised agents to exploit overly permissive IAM policies to escalate privileges across AWS accounts and exfiltrate sensitive data including agent memories. Any organization running Bedrock agents with broad IAM permissions is at risk. This is a configuration flaw, not a patched CVE, making it immediately exploitable by attackers who compromise an agent.

HIGH | Advisory | Apr 25, 2026
Action required
Audit all Amazon Bedrock agent IAM roles immediately. Apply the principle of least privilege: replace wildcard permissions with specific, limited actions, in particular for bedrock:* and iam:* permissions. Document findings within 24 hours.
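
One way to run the audit described above over exported role policy JSON, as an added example that is not part of the original advisory. The prefix list, function names and sample policy are constructed assumptions; the check flags Allow statements whose wildcard action pattern can reach `bedrock` or `iam` actions.

```python
import fnmatch
import json

# Service prefixes named in the advisory (assumption: extend per environment).
SENSITIVE_PREFIXES = ("bedrock", "iam")
# Constructed sample role policy, not taken from any real account.
SAMPLE_POLICY = json.loads("""{
  "Version": "2012-10-17",
  "Statement": [
    {"Sid": "AgentEverything", "Effect": "Allow",
     "Action": ["bedrock:*", "iam:*"], "Resource": "*"},
    {"Sid": "InvokeOnly", "Effect": "Allow", "Action": "bedrock:InvokeModel",
     "Resource": "arn:aws:bedrock:us-east-1::foundation-model/EXAMPLE-MODEL-ID"},
    {"Sid": "ReadBucket", "Effect": "Allow", "Action": "s3:Get*",
     "Resource": "arn:aws:s3:::example-bucket/*"},
    {"Sid": "DenyIam", "Effect": "Deny", "Action": "iam:*", "Resource": "*"}
  ]}""")

def _as_list(value):
    """IAM accepts either a string or a list for Action and Resource."""
    if value is None:
        return []
    return [value] if isinstance(value, str) else list(value)

def find_wildcard_grants(policy, prefixes=SENSITIVE_PREFIXES):
    """Return (sid, action, resources) for each Allow whose wildcard action
    pattern can match one of the sensitive service prefixes."""
    findings = []
    statements = policy.get("Statement", [])
    if isinstance(statements, dict):  # single-statement form is legal
        statements = [statements]
    for i, stmt in enumerate(statements):
        if stmt.get("Effect") != "Allow":
            continue
        sid = stmt.get("Sid", f"statement[{i}]")
        resources = _as_list(stmt.get("Resource"))
        if "NotAction" in stmt:  # Allow + NotAction grants all but the listed
            findings.append((sid, "NotAction", resources))
        for action in _as_list(stmt.get("Action")):
            if "*" not in action and "?" not in action:
                continue
            service = action.split(":", 1)[0].lower()  # "*" alone covers all
            if any(fnmatch.fnmatchcase(p, service) for p in prefixes):
                findings.append((sid, action, resources))
    return findings

if __name__ == "__main__":
    for sid, action, resources in find_wildcard_grants(SAMPLE_POLICY):
        print(f"{sid}: {action} on {resources}")
```

Each finding is a candidate for replacement with an explicit action list scoped to specific resource ARNs; the check reads policy documents only and does not evaluate conditions, permission boundaries or SCPs.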
Affected products
Amazon | Amazon Bedrock | AgentCore