What is AWS Remote MCP Server?

Remote execution service for AWS CLI commands, public at aws-mcp.us-east-1.api.aws or self-hosted.

Does CVE-2026-4270 affect my AWS account?

If using old MCP versions (<1.3.9) or public endpoint pre-patch, yes—upgrade immediately.

How do I check if I'm vulnerable?

Query your MCP version via AWS CLI or inspector; scan for 0.2.14-1.3.8.

🕳️ Vulnerabilities & CVEs

AWS MCP Server's LFI Flaw: Authenticated Users Reading /etc/passwd via CLI Tricks

Q: How do I check if I'm vulnerable?

Query your MCP version via AWS CLI or inspector; scan for 0.2.14-1.3.8.

An authenticated user just needed a clever CLI shortcut to peek at AWS server files. Varonis's find in the Remote MCP Server rips open a hole even 'NO_ACCESS' couldn't plug.

CVE Watch Apr 12, 2026 3 min read

Diagram of AWS MCP LFI attack reading /etc/passwd via CLI shorthand syntax

⚡ Key Takeaways

LFI via AWS CLI shorthand (@=file://) bypasses NO_ACCESS in MCP Server, exposing host files like /etc/passwd. 𝕏
Impacts public AWS endpoint; patched in v1.3.9—upgrade all instances and forks now. 𝕏
Pattern alert: Remote CLI wrappers risk turning local features into remote leaks. 𝕏

Published by

CVE Watch

Threat intelligence. Zero noise.

#AWS CLI security #AWS CLI shorthand #AWS MCP Server #AWS MCP vulnerability #AWS vulnerability #CLI security #CVE-2026-4270 #LFI CVE #LFI CVE-2026-4270 #MCP Server #Varonis Threat Labs #cloud security flaw

Worth sharing?

Get the best Cybersecurity stories of the week in your inbox — no noise, no spam.

Originally reported by Varonis Blog

⚡ Key Takeaways

The 60-Second TL;DR

CVE Watch

Share this article

Worth sharing?

Related Stories

UNC6201 Ditches BRICKSTORM for Sneakier GRIMBOLT in Dell Zero-Day Heist

Edge Decay: Attackers Are Breaching Your 'Secure' Firewall First

Rapid7 Cracks Open Cellular IoT: No Tamper Protections on Any Tested Device

Q4 2025: Vulnerabilities Explode, Exploits Feast

Stay in the loop