More Info:

No EC2 security group should allow inbound traffic from RFC-1918 CIDRs in order to follow AWS security best practices.

Risk Level

Low

Address

Security

Compliance Standards

CBP

Triage and Remediation

Remediation

Using Console

Additional Reading: