CVE-2026-7461
Bulletin ID: 2026-024-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 2026/04/30 13:30 PM PDT Description: Amazon Elastic Container Service (Amazon ECS) is a fully managed container orchestration service that enables customers to deploy, manage, and scale containerized applications. The Amazon ECS agent supports mounting FSx for Windows File Server volumes in task definitions on Windows EC2 instances. We identified CVE-2026-7461, a command injection issue in FSx volume mounting that enables code execution with SYSTEM privileges via a specially crafted credentials in ECS task definitions. Impacted versions: Version 1.47.0 through 1.102.2 of the ECS Agent for Windows Please refer to the article below for the most up-to-date and complete information related to this AWS Security Bulletin.
CSIRTS triage
- What
- There is a command injection issue in FSx volume mounting that enables code execution with SYSTEM privileges.
- Who is affected
- Deployments of ECS Agent for Windows versions 1.47.0 through 1.102.2.
- Urgency
- Remediation is important as it allows for remote code execution with high privileges.
- Action
- Update to a patched version of the ECS Agent.
AI-assisted analysis generated from the source advisory — verify against the original.
⚡ Watch CVE-2026-7461
Get an email if CVE-2026-7461 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.
Exploitation outlook
- Low exploitation risk0.55% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 42% of all EPSS-scored CVEs.
Advisory coverage (1)
External references
Embed the live status
— this badge updates automatically when the KEV or exploit status changes. How to embed it →
[](https://www.csirts.com/cve/CVE-2026-7461)