risks / Cryptographic exfiltration


Allows an attacker to export cryptographic material from a system. Implies "Account Takeover" when the cryptographic material is an account credential.


Exploited in isolation, this risk has the potential to disrupt central organizational operations, destroy trust, or create significant liability. Alternatively, this risk gives attackers access to broadly provisioned identities that enable the above impacts (such as root privilege escalation risks).


  1. Rotate credentials
  2. Avoid secret re-use


  1. https:/​/​attack.mitre.org/​techniques/​T1552/​

Affected Privileges

An attacker may be able to exploit this risk if they gain any of the following privileges:

Amazon Web Services

Google Cloud Platform

© 2023–present P0 Security and contributors to the IAM Privilege Catalog