diff --git a/prowler/providers/aws/services/cloudtrail/cloudtrail_threat_detector_enumeration/cloudtrail_threat_detector_enumeration.py b/prowler/providers/aws/services/cloudtrail/cloudtrail_threat_detector_enumeration/cloudtrail_threat_detector_enumeration.py
index ce9c723b93..36e9f68dc3 100644
--- a/prowler/providers/aws/services/cloudtrail/cloudtrail_threat_detector_enumeration/cloudtrail_threat_detector_enumeration.py
+++ b/prowler/providers/aws/services/cloudtrail/cloudtrail_threat_detector_enumeration/cloudtrail_threat_detector_enumeration.py
@@ -106,7 +106,18 @@ def execute(self):
         findings = []
         potential_enumeration = {}
         found_potential_enumeration = False
-        for trail in cloudtrail_client.trails:
+        multiregion_trail = None
+        # Check if any trail is multi-region so we only need to check once
+        for trail in cloudtrail_client.trails.values():
+            if trail.is_multiregion:
+                multiregion_trail = trail
+                break
+        trails_to_scan = (
+            cloudtrail_client.trails.values()
+            if not multiregion_trail
+            else [multiregion_trail]
+        )
+        for trail in trails_to_scan:
             for event_name in ENUMERATION_ACTIONS:
                 for event_log in cloudtrail_client.__lookup_events__(
                     trail=trail,
diff --git a/prowler/providers/aws/services/cloudtrail/cloudtrail_threat_detector_privilege_escalation/cloudtrail_threat_detector_privilege_escalation.py b/prowler/providers/aws/services/cloudtrail/cloudtrail_threat_detector_privilege_escalation/cloudtrail_threat_detector_privilege_escalation.py
index cc673c91a6..622297de03 100644
--- a/prowler/providers/aws/services/cloudtrail/cloudtrail_threat_detector_privilege_escalation/cloudtrail_threat_detector_privilege_escalation.py
+++ b/prowler/providers/aws/services/cloudtrail/cloudtrail_threat_detector_privilege_escalation/cloudtrail_threat_detector_privilege_escalation.py
@@ -67,7 +67,17 @@ def execute(self):
         findings = []
         potential_privilege_escalation = {}
         found_potential_privilege_escalation = False
-        for trail in cloudtrail_client.trails:
+        multiregion_trail = None
+        # Check if any trail is multi-region so we only need to check once
+        for trail in cloudtrail_client.trails.values():
+            if trail.is_multiregion:
+                multiregion_trail = trail
+        trails_to_scan = (
+            cloudtrail_client.trails.values()
+            if not multiregion_trail
+            else [multiregion_trail]
+        )
+        for trail in trails_to_scan:
             for event_name in PRIVILEGE_ESCALATION_ACTIONS:
                 for event_log in cloudtrail_client.__lookup_events__(
                     trail=trail,