## NASA PDS Lambda Security Gap: S3 get_object Missing Critical ExpectedBucketOwner Parameter
A critical security oversight has been identified in a NASA Planetary Data System (PDS) Lambda function, exposing a potential vector for confused deputy attacks. The function `pds-nucleus-s3-file-event-processor.py` is missing the `ExpectedBucketOwner` parameter in its S3 `get_object` call, a standard AWS security best practice for verifying bucket ownership. This omission strips away a vital defense-in-depth layer, particularly in cross-account access scenarios.

The vulnerability is located at line 232 of the Lambda code, where the function retrieves objects from an S3 bucket. Without the `ExpectedBucketOwner` parameter, the function cannot cryptographically verify that the bucket it is accessing belongs to the intended AWS account. This creates a security gap where an attacker with sufficient IAM policy manipulation privileges could potentially redirect the Lambda to interact with buckets in unauthorized accounts, leading to data exposure or manipulation.

This finding highlights a specific, actionable security risk within a NASA data pipeline. The PDS is a critical archive for scientific data from NASA's planetary missions, making the integrity of its data processing functions paramount. While the immediate impact is contingent on an attacker's ability to exploit IAM policies, the absence of this parameter represents a clear deviation from AWS security recommendations for serverless architectures handling sensitive data. The fix is straightforward but essential for hardening the system against a well-documented class of cloud security threats.
---
- **Source**: GitHub Issues
- **Sector**: The Lab
- **Tags**: AWS Security, Lambda, S3, NASA, Data Pipeline
- **Credibility**: unverified
- **Published**: 2026-04-17 15:22:52
- **ID**: 69720
- **URL**: https://whisperx.ai/en/intel/69720