AWS Trusted Advisor flaw allowed public S3 buckets to go unflagged

AWS’s Trusted Advisor tool, which is supposed to warn customers if their (cloud) S3 storage buckets are publicly exposed, could be “tricked” into reporting them as not exposed when they actually are, Fog Security researchers have found.

S3 access protection mechanisms

Amazon S3 provides several mechanisms for granting access to storage buckets:

  • IAM users, roles, and policies: Users define who can access their S3 resources using fine-grained permissions
  • Bucket policies: Users define who can access S3 buckets through a JSON policy attached directly to the bucket
  • Access control lists (ACLs): A legacy method that AWS wants to see abandoned in favor of using bucket policies

(AWS also provides the “Block Public Access” feature, whose settings can override ACLs and bucket policies to stop unintended public access. By default, all new S3 buckets block all public access, but some users disable Block Public Access when an S3 bucket is meant to serve public content.)

(Mis)Trusted Advisor

Fog Security researchers have recently discovered that by tweaking certain bucket policies, S3 buckets and the potentially sensitive data inside them could be made accessible to anyone on the internet without Trusted Advisor telling users about this state of affairs.

Trusted Advisor can be fooled by:

  • Setting the S3 bucket policy or the ACL to allow for public access
  • Adding any deny policy that blocks Trusted Advisor from checking the bucket’s status. Specifically:
    • Deny s3:GetBucketPolicyStatus
    • Deny s3:GetBucketPublicAccessBlock
    • Deny s3:GetBucketAcl

By layering those together, the bucket is public and open to the world, but Trusted Advisor can’t “see” the real settings so it won’t flag this potential problem.
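As an added example (not Fog Security's tool and not AWS code), the following offline check scans exported bucket policy documents for the layered pattern just described: an unconditioned public Allow combined with a Deny covering the read-only actions Trusted Advisor needs. The three action names come from the article; the function names, sample policy and bucket name are constructed for illustration.

```python
import fnmatch
import json

# Read-only actions Trusted Advisor's S3 check depends on (named in the article).
ADVISOR_READ_ACTIONS = ("s3:GetBucketPolicyStatus",
                        "s3:GetBucketPublicAccessBlock", "s3:GetBucketAcl")

def _as_list(value):
    """IAM policy fields may be a string or a list; normalise to a list."""
    return [] if value is None else value if isinstance(value, list) else [value]

def _is_public_principal(principal):
    """True for Principal "*" or {"AWS": "*"}, the two wildcard-principal forms."""
    return principal == "*" or (
        isinstance(principal, dict) and "*" in _as_list(principal.get("AWS")))

def analyse_bucket_policy(policy):
    """Return (public_sids, blinded_actions) for one bucket policy document.
    public_sids: Sids of unconditioned Allow statements with a wildcard principal.
    blinded_actions: advisor read actions covered by a Deny; patterns are matched
    with IAM's '*'/'?' wildcards, so a broad "s3:GetBucket*" Deny is caught too.
    """
    public_sids, blinded = [], set()
    for i, stmt in enumerate(_as_list(policy.get("Statement"))):
        sid = stmt.get("Sid", f"statement-{i}")
        if stmt.get("Effect") == "Allow":
            if _is_public_principal(stmt.get("Principal")) and "Condition" not in stmt:
                public_sids.append(sid)
        elif stmt.get("Effect") == "Deny":
            for pattern in _as_list(stmt.get("Action")):
                blinded.update(a for a in ADVISOR_READ_ACTIONS
                               if fnmatch.fnmatchcase(a.lower(), pattern.lower()))
    return public_sids, sorted(blinded)

def is_advisor_blind_spot(policy):
    """True when a policy is public AND hides its status from Trusted Advisor."""
    public_sids, blinded = analyse_bucket_policy(policy)
    return bool(public_sids) and bool(blinded)

# Constructed sample policy reproducing the layered pattern from the article.
SAMPLE_POLICY = json.loads("""{
  "Version": "2012-10-17",
  "Statement": [
    {"Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
     "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*"},
    {"Sid": "HideStatus", "Effect": "Deny", "Principal": "*",
     "Action": ["s3:GetBucketPolicyStatus", "s3:GetBucketAcl"],
     "Resource": "arn:aws:s3:::example-bucket"}]}""")
```

Feed it the output of `aws s3api get-bucket-policy` for each bucket; a bucket where both lists are non-empty deserves a manual look regardless of what Trusted Advisor reports.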

These policy changes could be made by malicious insiders (e.g., a disgruntled employee) or attackers who have obtained compromised AWS credentials, allowing them to potentially use those buckets for data exfiltration without raising suspicions, Fog Security founder Jason Kao told Help Net Security.

Legitimate users could also misconfigure or misapply bucket policies, inadvertently making buckets publicly accessible when they shouldn’t be while at the same time preventing Trusted Advisor from reporting those public S3 buckets as potentially insecure during its security checks.

The good news is that the researchers privately reported this issue to AWS and, in June 2025, the company implemented fixes to solve it: Trusted Advisor now displays the correct status and will “warn” users about it.

AWS also sent out emails to users to notify them of the issue and the initial fix, though Kao feels that the communication downplayed the severity of the issue.

And, because his testing account did not get an email, he’s concerned that other AWS customers haven’t either, and won’t be initiating a new Amazon S3 Bucket Permissions check to ensure that the only exposed S3 buckets are the ones they have knowingly chosen to expose.

What to do?

Fog Security advises AWS S3 users to enable AWS’s Block Public Access Settings at both the account and bucket level when possible, switch from using ACLs to using IAM policies, and check their S3 buckets and configuration to ensure data has not unintentionally been made public.

The company has also recently released an open-source tool that can help AWS users scan their S3 resources for access issues and help them retire ACLs.
