EC2 instance vulnerabilities