Secure cross-account access in AWS is complicated by common misconceptions that can lead to serious security risks. Organizations often underestimate the implications of trusting external principals, particularly when it comes to the management account and the direction of trust relationships, which can create dangerous privilege escalation pathways. It is crucial for organizations to align their cross-account trust policies with their security hierarchies to mitigate these risks effectively.