cR0w@cR0w@infosec.exchange
https://aws.amazon.com/security/security-bulletins/AWS-2025-017/
We identified CVE-2025-8904, an issue in the Amazon EMR Secret Agent component. The Secret Agent component securely stores secrets and distributes secrets to other Amazon EMR components and applications. When using Amazon EMR clusters with one or more Lake Formation, Apache Ranger, runtime role, or Identity Center feature that uses this component, Secret Agent creates a keytab file containing Kerberos credentials. This file is stored in the /tmp/ directory. A user with access to this directory and another account can potentially decrypt the keys and escalate to higher privileges.