IMDS impersonation
Bulletin ID: AWS-2025-021 Scope: AWS Content Type: Important (requires attention) Publication Date: 2025/10/07 01:30 PM PDT Description: AWS is aware of a potential Instance Metadata Service (IMDS) impersonation issue that would lead to customers interacting with unexpected AWS accounts. IMDS, when running on an EC2 instance, runs on a loopback network interface and vends Instance Metadata Credentials, which customers use to interact with AWS Services. These network calls never leave the EC2 instance, and customers can trust that the IMDS network interface is within the AWS data perimeter. When using AWS tools (like the AWS CLI/SDK or SSM Agent) from non-EC2 compute nodes, there is a potential for a third party-controlled IMDS to serve unexpected AWS credentials. This requires the compute node to be running on a network where the third party has a privileged network position. AWS recommends that when using AWS Tools outside of the AWS data perimeter, customers follow the installation and configuration guides (AWS CLI/SDK or SSM Agent) to ensure this issue is mitigated. We also recommend that you monitor for IMDS endpoints that may be running in your on-prem environment to proactively prevent such impersonation issues from a third party. Affected versions: IMDSv1 and IMDSv2
CSIRTS triage
- What
- There is a potential Instance Metadata Service (IMDS) impersonation issue.
- Who is affected
- Customers using non-EC2 compute nodes that interact with AWS services.
- Urgency
- Remediation is important as it could lead to unexpected AWS account interactions.
- Action
- Review network configurations to ensure IMDS is not accessible from non-EC2 nodes.
AI-assisted analysis generated from the source advisory — verify against the original.
⚡ Watch EC2
Get an email when a new EC2 advisory drops — max one per day, one-click unsubscribe.
Details
Original advisory: https://aws.amazon.com/security/security-bulletins/rss/aws-2025-021/
More from AWS Security Bulletins
- unknownCVE-2026-14904 - Improper Link Resolution in Auth.GetUserPrivateKey in AWS Research and Engineering Studio2026-07-07
- unknownCVE-2026-14471 - Authenticated SQL injection in the metrics-service retention policy subsystem of mcp-gateway-…2026-07-06
- unknownCVE-2026-14265- Deserialization of Untrusted Data in AWS Advanced JDBC Wrapper RemoteQueryCachePlugin2026-07-01
- unknownCVE-2026-13760 - OS Command Injection in NodejsFunction Docker Bundling in aws-cdk-lib2026-07-01
- unknownCVE-2026-13769 – Insecure file permissions in AWS CLI2026-07-01