Bedrock AgentCore Starter Toolkit Improper S3 Ownership Verification Vulnerability Allowing Code Injection and Execution

Vulnerability

A vulnerability exists in the Bedrock AgentCore Starter Toolkit in all versions prior to v0.1.13, due to a missing verification of S3 ownership. This flaw may enable a remote actor to inject code during the build process, which could then be executed in the AgentCore Runtime. The issue specifically impacts users who built the Toolkit after September 24, 2025. Users on version v0.1.13 or later, as well as those on earlier versions who built the Toolkit before this date, are not affected.

Impact

Exploitation of this vulnerability could lead to unauthorized code execution in the AgentCore Runtime.

Remediation

Users should upgrade to version v0.1.13 or later.
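The advisory names the missing control (verification of S3 ownership) but does not show the toolkit's fix. The following is an added example, not the toolkit's code, of how a build step can bind every S3 request to an expected account with the S3 `ExpectedBucketOwner` request parameter. The function names, the `FakeS3` stand-in and the account IDs are hypothetical and constructed so the block runs offline.

```python
# Added example; hypothetical names, not the toolkit's code.
class BucketOwnershipError(Exception):
    """The bucket could not be shown to belong to the expected account."""

def _owner_call(method, bucket, account_id, **kwargs):
    """Call an S3 client method with ExpectedBucketOwner set on the request."""
    if not (account_id.isdigit() and len(account_id) == 12):
        raise ValueError("account_id must be a 12-digit AWS account ID")
    try:
        return method(Bucket=bucket, ExpectedBucketOwner=account_id, **kwargs)
    except Exception as exc:
        # botocore's ClientError carries the service error in exc.response
        code = str(getattr(exc, "response", {}).get("Error", {}).get("Code", ""))
        if code in ("403", "AccessDenied", "404", "NoSuchBucket"):
            raise BucketOwnershipError(f"{bucket}: S3 returned {code}") from exc
        raise

def verify_bucket_owner(s3, bucket, account_id):
    """True if the bucket exists and is owned by account_id, else raises."""
    _owner_call(s3.head_bucket, bucket, account_id)
    return True

def upload_artifact(s3, bucket, account_id, key, body):
    """Upload with the owner condition on the write itself, not only a pre-check."""
    return _owner_call(s3.put_object, bucket, account_id, Key=key, Body=body)

# Constructed offline stand-in for boto3.client("s3"); fails closed like S3 does.
class FakeClientError(Exception):
    def __init__(self, code):
        super().__init__(code)
        self.response = {"Error": {"Code": code}}

class FakeS3:
    def __init__(self, owners):
        self.owners, self.objects = owners, {}  # bucket -> owning account ID
    def head_bucket(self, Bucket, ExpectedBucketOwner):
        owner = self.owners.get(Bucket)
        if owner is None:
            raise FakeClientError("404")
        if owner != ExpectedBucketOwner:
            raise FakeClientError("403")
        return {}
    def put_object(self, Bucket, ExpectedBucketOwner, Key, Body):
        self.head_bucket(Bucket, ExpectedBucketOwner)
        self.objects[(Bucket, Key)] = Body
        return {"ETag": "constructed"}

if __name__ == "__main__":
    s3 = FakeS3({"build-src-111111111111": "111111111111"})
    print(verify_bucket_owner(s3, "build-src-111111111111", "111111111111"))
```

With a real client, pass `boto3.client("s3")` as `s3` and take the account ID from `boto3.client("sts").get_caller_identity()["Account"]`.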

Added: Mar 16, 2026, 6:21 PM
Updated: Mar 16, 2026, 6:21 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 10.0
exploitability: 4.0
remediation: 0.0
relevance: 4.0
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.