Varonis Discovers Local File Inclusion in AWS Remote MCP Server via CLI Shorthand Syntax
Varonis, March 25, 2026
Varonis uncovers a local file inclusion vulnerability in the AWS Remote MCP Server, exposing how authenticated access can lead to sensitive data exposure.
Varonis Threat Labs identified a Local File Inclusion (LFI) vulnerability in the AWS Remote MCP Server that allows an authenticated user to read arbitrary files from the underlying operating system, which could let an attacker obtain credentials or other privileged information from the hosting server.
At a high level, the vulnerability was triggered because certain AWS commands allow input from local files. When those commands were processed by the MCP server, information from those files could unintentionally surface through error messages. We were able to reproduce this behavior against the official public AWS MCP endpoint, underscoring the real‑world risk of the issue.
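One way a service that forwards caller-supplied arguments to the AWS CLI can refuse local-file input before anything runs, as an added example that is not code from Varonis or AWS. It assumes the service receives the command as a list of tokens; the function names are hypothetical, and the patterns are the AWS CLI's documented file-loading forms (`file://`, `fileb://` and the shorthand `@=` operator), which the page itself does not spell out.

```python
import re

# file:// and fileb:// make the AWS CLI read a parameter value from a local file.
# The lookbehind keeps schemes that merely end in "file" (e.g. "profile://") out.
FILE_PREFIX = re.compile(r"(?<![A-Za-z0-9])fileb?://", re.IGNORECASE)
# In AWS CLI v2 shorthand syntax, "key@=..." loads the value of key from a file.
SHORTHAND_FILE = re.compile(r"[\w.\-]+@=")


def find_local_file_refs(argv):
    """Return (index, reason) for each token that would trigger a local file read."""
    findings = []
    for index, token in enumerate(argv):
        if FILE_PREFIX.search(token):
            findings.append((index, "file-prefix"))
        elif SHORTHAND_FILE.search(token):
            findings.append((index, "shorthand-file-assignment"))
    return findings


def validate_request(argv):
    """Reject before execution; the message names positions only, never contents."""
    findings = find_local_file_refs(argv)
    if findings:
        positions = ", ".join(str(i) for i, _ in findings)
        return False, f"rejected: local file input not allowed (arguments {positions})"
    return True, "ok"


# Constructed sample requests (paths and values are placeholders).
SAMPLES = [
    ["s3api", "list-buckets"],
    ["cloudformation", "create-stack", "--template-body", "file:///tmp/t.json"],
    ["ec2", "create-tags", "--tags", "Key=Name,Value@=/tmp/value.txt"],
    ["s3", "ls", "s3://example-bucket/profile://notes"],
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(validate_request(sample), sample)
```

Rejecting on the raw tokens means the CLI never opens the file, so nothing from it can reach an error message returned to the caller.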