Hackers Strike AWS IMDS and Steal EC2 IAM Credentials by Exploiting Pandoc CVE-2025-51591


According to cloud security firm Wiz, a security flaw in a Linux application named Pandoc was being exploited in the wild as part of attacks intended to compromise Amazon Web Services’ (AWS) Instance Metadata Service (IMDS).

CVE-2025-51591 (CVSS score: 6.5) is the vulnerability in question. It is a case of Server-Side Request Forgery (SSRF), which enables attackers to make a target system issue requests on their behalf by inserting a specially constructed HTML iframe element.


An essential part of the AWS cloud environment, the EC2 IMDS provides details about instances that are currently running as well as temporary, short-lived credentials if the instance is linked to an identity and access management (IAM) role. Any application running on an EC2 instance can access the instance metadata by using the link-local address (169.254.169[.]254).

These credentials allow programs to authenticate without storing long-term secrets on the machine, and can then be used to communicate securely with other AWS services such as S3, RDS, or DynamoDB, lowering the risk of unintentional disclosure.

SSRF vulnerabilities in web applications are a popular way for attackers to obtain IAM credentials via IMDS. In essence, this entails deceiving the application that is executing on an EC2 instance into requesting IAM credentials from the IMDS service on its behalf.

According to Wiz researchers Hila Ramati and Gili Tikochinski, “if the application can reach the IMDS endpoint and is susceptible to SSRF, the attacker can harvest temporary credentials without needing any direct host access (such as RCE or path traversal).”

Therefore, if an attacker wants to target AWS infrastructure, they can seek SSRF vulnerabilities in web apps that operate on EC2 instances. Once they find them, they can access the instance metadata and steal IAM credentials. This threat is not hypothetical.

In early 2022, Google-owned Mandiant discovered that a threat actor it monitors as UNC2903 had been using credentials acquired through IMDS since July 2021 to attack AWS environments. This was done by taking advantage of an SSRF vulnerability (CVE-2021-21311, CVSS score: 7.2) in Adminer, an open-source database management tool, to enable data theft.


The fundamental cause of the problem is that IMDS, or more precisely IMDSv1, is a plain request/response protocol, which makes it a prime target for malicious actors who go after susceptible web apps running on instances that still use IMDSv1.

Resecurity cautioned in a report released last month that SSRF can have “severe and far-reaching” effects when it is used against cloud infrastructure such as AWS. These repercussions include network reconnaissance, cloud credential theft, and illegal access to internal services.

“Because SSRF starts inside the server, it can reach endpoints that are shielded by perimeter firewalls. By doing this, the vulnerable application is essentially transformed into a proxy, which enables the attacker to: Get around IP whitelists [and] access internal resources that would otherwise be inaccessible,” the report stated.

According to Wiz’s most recent findings, attacks against the IMDS service are still occurring, and adversaries are using SSRF flaws in lesser-known applications like Pandoc to carry them out.

“The vulnerability, tracked as CVE-2025-51591, stems from Pandoc rendering <iframe> tags in HTML documents,” the researchers at Wiz stated. “This would allow an attacker to craft a <iframe> that points to the IMDS server, or other private resources.”


The attacker’s forged HTML documents contained <iframe> elements whose src attributes pointed at the AWS IMDS endpoint at 169.254.169[.]254. The goal was to render and exfiltrate the contents of sensitive paths, namely /latest/meta-data/iam/info and /latest/meta-data/iam.

To reduce the risk posed by CVE-2025-51591 in cloud environments, it is recommended to use the “-f html+raw_html” or “--sandbox” options, which stop Pandoc from incorporating the contents of iframe elements through the src attribute.

“[Pandoc maintainers] decided that rendering iframes is the intended behavior and that the user is responsible for either sanitizing the input or using the sandbox flags when handling user inputs,” Wiz stated.
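Since the maintainers place the burden on the caller, the practical defence is to sanitise untrusted HTML before it reaches Pandoc and to run Pandoc with --sandbox anyway. The following is an added example, not code from Pandoc or from Wiz: a small filter built on Python’s standard-library HTMLParser that drops elements whose src could trigger a fetch (iframe, img, object, embed, source), records any that pointed at a metadata address or other internal host so the event can be logged, and then hands the cleaned document to a sandboxed Pandoc. The tag list, the metadata host list and the sample document are constructed for the example; the subprocess call assumes a pandoc binary on PATH and is only reached from the demo at the bottom.

```python
import ipaddress
import subprocess
from html.parser import HTMLParser
from urllib.parse import urlparse

# Elements whose src/data attribute a converter may fetch while rendering (constructed list).
FETCHING_TAGS = {"iframe", "img", "object", "embed", "source"}
# Container elements whose inner content is dropped together with the tag.
CONTAINER_TAGS = {"iframe", "object"}
# Well-known metadata endpoints: AWS IMDS over IPv4 and IPv6, plus the GCP hostname.
METADATA_HOSTS = {"169.254.169.254", "fd00:ec2::254", "metadata.google.internal"}


def is_internal_target(url):
    """True when url points at a metadata host or a link-local, private or loopback address."""
    host = urlparse(url.strip()).hostname
    if host is None:
        return False
    if host.lower() in METADATA_HOSTS:
        return True
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return False  # a DNS name; rebinding tricks are out of scope for this static filter
    return ip.is_link_local or ip.is_private or ip.is_loopback


class FetchTagStripper(HTMLParser):
    """Re-emits the document verbatim, minus any element that could cause a fetch."""

    def __init__(self):
        super().__init__(convert_charrefs=False)
        self.out = []        # pieces of the cleaned document
        self.flagged = []    # (tag, url) pairs that targeted internal hosts, for logging
        self.removed = 0     # number of fetching elements dropped
        self._skip = 0       # >0 while inside a dropped container element

    def _inspect(self, tag, attrs):
        for name, value in attrs:
            if name in ("src", "data") and value and is_internal_target(value):
                self.flagged.append((tag, value))

    def handle_starttag(self, tag, attrs):
        if tag in FETCHING_TAGS:
            self._inspect(tag, attrs)
            self.removed += 1
            if tag in CONTAINER_TAGS:
                self._skip += 1
            return
        if self._skip == 0:
            self.out.append(self.get_starttag_text())

    def handle_startendtag(self, tag, attrs):
        if tag in FETCHING_TAGS:
            self._inspect(tag, attrs)
            self.removed += 1
            return
        if self._skip == 0:
            self.out.append(self.get_starttag_text())

    def handle_endtag(self, tag):
        if tag in CONTAINER_TAGS and self._skip > 0:
            self._skip -= 1
            return
        if self._skip == 0:
            self.out.append("</%s>" % tag)

    def handle_data(self, data):
        if self._skip == 0:
            self.out.append(data)

    def handle_entityref(self, name):
        if self._skip == 0:
            self.out.append("&%s;" % name)

    def handle_charref(self, name):
        if self._skip == 0:
            self.out.append("&#%s;" % name)

    def handle_comment(self, data):
        if self._skip == 0:
            self.out.append("<!--%s-->" % data)

    def handle_decl(self, decl):
        if self._skip == 0:
            self.out.append("<!%s>" % decl)


def sanitize_html(html):
    """Return (cleaned_html, flagged_targets, removed_count)."""
    parser = FetchTagStripper()
    parser.feed(html)
    parser.close()
    return "".join(parser.out), parser.flagged, parser.removed


def pandoc_sandboxed(cleaned_html, to="markdown"):
    """Defence in depth: convert with --sandbox so Pandoc cannot fetch src URLs it still finds."""
    return subprocess.run(
        ["pandoc", "--sandbox", "-f", "html", "-t", to],
        input=cleaned_html, capture_output=True, text=True, check=True,
    ).stdout


# Constructed sample: an innocent report with an iframe aimed at the IMDS IAM path.
SAMPLE_HTML = (
    "<h1>Report</h1>"
    "<p>Quarterly numbers &amp; notes</p>"
    '<iframe src="http://169.254.169.254/latest/meta-data/iam/info"></iframe>'
    '<img src="https://example.invalid/logo.png">'
    "<p>End</p>"
)

if __name__ == "__main__":
    cleaned, flagged, removed = sanitize_html(SAMPLE_HTML)
    print("removed %d fetching element(s); internal targets: %s" % (removed, flagged))
    try:
        print(pandoc_sandboxed(cleaned))
    except FileNotFoundError:
        print("pandoc not installed; cleaned HTML:", cleaned)
```

The flagged list is the detection signal: an uploaded document carrying an iframe that points at 169.254.169.254 is worth alerting on even though the filter already neutralised it.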

“Although Amazon recommends implementing the IMDSv2 with GuardDuty enhancements, EC2 instances created by Amazon customers that instead use IMDSv1 may be at risk when combined with also running unpatched vulnerable third-party software,” researchers from Mandiant said at the time.

In order to limit the blast radius in the case of an IMDS compromise, organizations are advised to implement IMDSv2 on all EC2 instances and make sure that instances are allocated roles that adhere to the principle of least privilege (PoLP).
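The reason IMDSv2 blunts this class of attack is that a session token must first be obtained with a PUT request and then presented in a header, and an <iframe src=...> (like most SSRF primitives) can only produce a bare GET. The following is an added example, not AWS code: a constructed Python model of the two protocol variants with both sides of the exchange, where http_tokens mirrors the instance’s HttpTokens setting (optional = IMDSv1 still answered, required = IMDSv2 only). The header and path names are the real ones used by IMDSv2; the metadata bodies are placeholders.

```python
import secrets
import time

TOKEN_PATH = "/latest/api/token"
TOKEN_HEADER = "x-aws-ec2-metadata-token"
TTL_HEADER = "x-aws-ec2-metadata-token-ttl-seconds"
CRED_PATH = "/latest/meta-data/iam/security-credentials/"
MAX_TTL = 21600  # six hours, the upper bound IMDSv2 accepts for a session token


class ImdsModel:
    """Toy stand-in for the metadata service (constructed model, not AWS's implementation)."""

    def __init__(self, http_tokens="required", clock=time.monotonic):
        if http_tokens not in ("optional", "required"):
            raise ValueError("http_tokens must be 'optional' or 'required'")
        self.http_tokens = http_tokens
        self.clock = clock          # injectable so token expiry can be tested
        self._tokens = {}           # session token -> expiry timestamp

    def handle(self, method, path, headers=None):
        """Return (status, body) for one request."""
        headers = {k.lower(): v for k, v in (headers or {}).items()}
        if method == "PUT" and path == TOKEN_PATH:
            try:
                ttl = int(headers.get(TTL_HEADER, ""))
            except ValueError:
                return 400, "missing or malformed TTL header"
            if not 1 <= ttl <= MAX_TTL:
                return 400, "TTL out of range"
            token = secrets.token_urlsafe(32)
            self._tokens[token] = self.clock() + ttl
            return 200, token
        if method != "GET":
            return 405, "method not allowed"
        token = headers.get(TOKEN_HEADER)
        token_ok = token in self._tokens and self._tokens[token] > self.clock()
        if self.http_tokens == "required" and not token_ok:
            return 401, "unauthorized"   # IMDSv2: no valid session token, no metadata
        if path.startswith("/latest/meta-data/"):
            return 200, "<metadata for %s>" % path   # placeholder, no real credentials
        return 404, "not found"


def get_only_fetch(imds, path=CRED_PATH):
    """What an <iframe src=...> or other GET-only SSRF yields: a bare GET with no custom headers."""
    return imds.handle("GET", path)


def sdk_style_fetch(imds, path=CRED_PATH, ttl=300):
    """The flow a well-behaved IMDSv2 client follows: PUT for a token, then GET with it."""
    status, token = imds.handle("PUT", TOKEN_PATH, {TTL_HEADER: str(ttl)})
    if status != 200:
        return status, token
    return imds.handle("GET", path, {TOKEN_HEADER: token})


if __name__ == "__main__":
    for mode in ("optional", "required"):
        imds = ImdsModel(mode)
        print("HttpTokens=%s  GET-only SSRF -> %s  SDK client -> %s"
              % (mode, get_only_fetch(imds)[0], sdk_style_fetch(imds)[0]))
```

On a real instance the equivalent of constructing the model with "required" is setting HttpTokens to required, for example with `aws ec2 modify-instance-metadata-options --instance-id <instance-id> --http-tokens required`; the model shows why that one setting turns the iframe fetch from a 200 with credentials into a 401.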


About The Author:

Yogesh Naager is a content marketer who specializes in the cybersecurity and B2B space. Besides writing for the News4Hackers blogs, he also writes for brands including Craw Security, Bytecode Security, and NASSCOM.
