CVE-2026-9255: CWE-862: Missing Authorization in AWS Kiro CLI
Missing input source validation in the tool authorization prompt in Kiro CLI before 1.28.0 allows a local attacker to execute arbitrary tools, including shell commands, without user approval by crafting content that is piped to kiro-cli via stdin. We recommend you to upgrade to kiro-cli version 1.28.0 or later.
AI Analysis
Technical Summary
The vulnerability identified as CVE-2026-9255 affects AWS Kiro CLI before version 1.28.0. It is caused by missing input source validation in the tool authorization prompt, which allows a local attacker to bypass user approval and execute arbitrary tools or shell commands by supplying crafted content through stdin. This flaw corresponds to CWE-862 (Missing Authorization). The CVSS 3.1 base score is 7.8, reflecting high impact with local attack vector, low attack complexity, no privileges required, user interaction required, unchanged scope, and high impact on confidentiality, integrity, and availability. AWS has released a fixed version (1.28.0) and recommends upgrading to mitigate the vulnerability. The service is cloud-hosted, and AWS manages remediation accordingly.
Potential Impact
Successful exploitation allows a local attacker to execute arbitrary tools or shell commands without user approval, potentially leading to full compromise of confidentiality, integrity, and availability of the affected system. This can result in unauthorized command execution and control over the Kiro CLI environment. No known exploits are currently reported in the wild.
Mitigation Recommendations
AWS recommends upgrading to Kiro CLI version 1.28.0 or later, which includes a fix for this vulnerability. Since this is a cloud-hosted service, AWS manages remediation on their side. Users should follow the vendor advisory at https://aws.amazon.com/security/security-bulletins/2026-035-aws/ for the latest guidance and ensure their Kiro CLI installations are updated promptly.
CVE-2026-9255: CWE-862: Missing Authorization in AWS Kiro CLI
Description
Missing input source validation in the tool authorization prompt in Kiro CLI before 1.28.0 allows a local attacker to execute arbitrary tools, including shell commands, without user approval by crafting content that is piped to kiro-cli via stdin. We recommend you to upgrade to kiro-cli version 1.28.0 or later.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The vulnerability identified as CVE-2026-9255 affects AWS Kiro CLI before version 1.28.0. It is caused by missing input source validation in the tool authorization prompt, which allows a local attacker to bypass user approval and execute arbitrary tools or shell commands by supplying crafted content through stdin. This flaw corresponds to CWE-862 (Missing Authorization). The CVSS 3.1 base score is 7.8, reflecting high impact with local attack vector, low attack complexity, no privileges required, user interaction required, unchanged scope, and high impact on confidentiality, integrity, and availability. AWS has released a fixed version (1.28.0) and recommends upgrading to mitigate the vulnerability. The service is cloud-hosted, and AWS manages remediation accordingly.
Potential Impact
Successful exploitation allows a local attacker to execute arbitrary tools or shell commands without user approval, potentially leading to full compromise of confidentiality, integrity, and availability of the affected system. This can result in unauthorized command execution and control over the Kiro CLI environment. No known exploits are currently reported in the wild.
Mitigation Recommendations
AWS recommends upgrading to Kiro CLI version 1.28.0 or later, which includes a fix for this vulnerability. Since this is a cloud-hosted service, AWS manages remediation on their side. Users should follow the vendor advisory at https://aws.amazon.com/security/security-bulletins/2026-035-aws/ for the latest guidance and ensure their Kiro CLI installations are updated promptly.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- AMZN
- Date Reserved
- 2026-05-21T20:55:28.520Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
- Is Cloud Service
- true
- Vendor Advisory Urls
- [{"url":"https://aws.amazon.com/security/security-bulletins/2026-035-aws/","vendor":"AWS"}]
Threat ID: 6a108f08e1370fbb48262711
Added to database: 5/22/2026, 5:14:48 PM
Last enriched: 5/22/2026, 5:29:44 PM
Last updated: 5/22/2026, 6:17:04 PM
Views: 3
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.