Amazon Braket SDK Insecure Deserialization Vulnerability in Job Results Processing Component Allowing Arbitrary Code Execution

Vulnerability

A vulnerability allowing arbitrary code execution has been identified in the Amazon Braket SDK, affecting versions from 1.10.0 up to, but not including, 1.117.0. The issue arises from insecure deserialization in the job results processing component. It can be exploited by a remote authenticated user who has S3 write access to the job output bucket: by modifying the dataFormat field in the results.json file, such a user can cause arbitrary code to execute on any machine that processes the job results.

Impact

Exploitation of this vulnerability allows for arbitrary code execution on machines processing the affected job results, with the executed code running under the permissions of the user who initiated the Braket job.

Remediation

Users are advised to upgrade to Amazon Braket SDK version 1.117.0 or later. If an immediate upgrade is not possible, S3 bucket policies should be restricted to enforce least-privilege access, ensuring only trusted principals have write permissions. Additionally, the dataFormat field in job result metadata should be validated before processing, rejecting results with an unexpected format.
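The following is an added example of the metadata check described above, written for this advisory and not taken from the Amazon Braket SDK. It validates the dataFormat field of a results.json document against an allow-list before any further processing; the trusted value "plaintext", the sample documents and the "dataDictionary" key are assumptions chosen for illustration.

```python
import json

# Allow-list of dataFormat values this consumer is willing to process.
# "plaintext" is an assumed value; adjust to the formats your pipeline trusts.
# Any format that would trigger object deserialization is deliberately absent.
TRUSTED_DATA_FORMATS = frozenset({"plaintext"})


class UntrustedResultsError(ValueError):
    """Raised when results.json metadata fails validation."""


def validate_results_metadata(results_text: str) -> dict:
    """Parse results.json and verify dataFormat before anything else touches it.

    Returns the parsed document only when dataFormat is present, is a string,
    and is on the allow-list; raises UntrustedResultsError otherwise.
    """
    try:
        doc = json.loads(results_text)
    except json.JSONDecodeError as exc:
        raise UntrustedResultsError(f"results.json is not valid JSON: {exc}") from exc
    if not isinstance(doc, dict):
        raise UntrustedResultsError("results.json top level must be a JSON object")
    fmt = doc.get("dataFormat")
    if not isinstance(fmt, str):
        raise UntrustedResultsError("dataFormat is missing or not a string")
    if fmt not in TRUSTED_DATA_FORMATS:
        raise UntrustedResultsError(f"unexpected dataFormat {fmt!r}; refusing to process")
    return doc


def is_trusted_results(results_text: str) -> bool:
    """Boolean wrapper for callers that only need an accept/reject decision."""
    try:
        validate_results_metadata(results_text)
        return True
    except UntrustedResultsError:
        return False


# Constructed sample documents (not real Braket job output).
SAMPLE_OK = json.dumps({"dataFormat": "plaintext", "dataDictionary": {"energy": -1.23}})
SAMPLE_BAD = json.dumps({"dataFormat": "some_other_format", "dataDictionary": "..."})

if __name__ == "__main__":
    for name, sample in (("ok", SAMPLE_OK), ("bad", SAMPLE_BAD)):
        print(name, "accepted" if is_trusted_results(sample) else "rejected")
```

Run this check on the fetched results.json before handing the data to the SDK or any deserializer, so that a tampered dataFormat value is rejected rather than honoured.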

Added: May 26, 2026, 2:56 PM
Updated: May 26, 2026, 2:56 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 10.0
exploitability: 4.4
remediation: 0.0
relevance: 9.1
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.