Amazon Web Services has revealed a security flaw in its WorkSpaces client for Linux that allows local attackers to extract authentication tokens and access other users' virtual desktops. The vulnerability, CVE-2025-12779, affects client versions from 2023.0 to 2024.8 and carries a CVSS score of 8.8. AWS urges immediate upgrades to version 2025.0 or later to mitigate the risk.
On November 5, 2025, AWS issued security bulletin AWS-2025-025, detailing CVE-2025-12779, a high-severity vulnerability in the Amazon WorkSpaces client for Linux. This flaw stems from improper handling of authentication tokens in versions 2023.0 through 2024.8, potentially exposing DCV-based WorkSpaces tokens to other local users on the same machine.
As described in the bulletin, “Improper handling of the authentication token in the Amazon WorkSpaces client for Linux, versions 2023.0 through 2024.8, may expose the authentication token for DCV-based WorkSpaces to other local users on the same client machine. Under certain circumstances, an unintended user may be able to extract a valid authentication token from the client machine and access another user’s WorkSpace.” This enables attackers with local access to impersonate legitimate users, bypassing standard controls and potentially accessing sensitive data in virtual environments.
The issue poses risks in shared or multi-user Linux setups, which are common in enterprise remote work infrastructures. With a CVSS rating of 8.8, it falls just short of the critical range, and it highlights the threat of lateral movement from an already compromised system. AWS has confirmed the fix in version 2025.0, available via the Amazon WorkSpaces Client Download page, and announced end-of-support for the affected versions.
Organizations are advised to audit deployments, prioritize upgrades, and review access logs for unauthorized activity. AWS has proactively notified impacted customers, emphasizing patch management for remote access tools. This vulnerability underscores ongoing challenges in securing desktop virtualization against local exploits.
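To support the deployment audit recommended above, the following added example (not from AWS or the bulletin) triages a collected package inventory against the version ranges the bulletin gives. The package name `workspacesclient`, the tab-separated inventory layout, and the sample hosts and build numbers are assumptions constructed for illustration.

```python
import re

# Ranges as stated in bulletin AWS-2025-025 for CVE-2025-12779.
FIRST_AFFECTED, LAST_AFFECTED, FIXED = (2023, 0), (2024, 8), (2025, 0)
PACKAGE = "workspacesclient"  # assumption: package name of the Linux client

# Constructed sample: "host<TAB>package<TAB>version" rows, e.g. gathered per
# host with dpkg-query -W -f='${Package}\t${Version}\n'. Build numbers are made up.
SAMPLE_INVENTORY = """\
dev-01\tworkspacesclient\t2024.8.5130
dev-02\tworkspacesclient\t2025.0.5227-1
kiosk-03\tworkspacesclient\t1:2023.0.4395
lab-04\tworkspacesclient\t4.7.0.4312
lab-05\tworkspacesclient\tunknown
build-06\topenssh-client\t1:9.6p1-3
"""

def major_minor(version):
    """Return (major, minor) of a package version string, or None if unparsable."""
    version = version.split(":", 1)[-1]  # drop a Debian epoch such as "1:"
    m = re.match(r"(\d+)\.(\d+)", version)
    return (int(m.group(1)), int(m.group(2))) if m else None

def classify(version):
    mm = major_minor(version)
    if mm is None:
        return "unknown"
    if FIRST_AFFECTED <= mm <= LAST_AFFECTED:
        return "affected"
    if mm >= FIXED:
        return "fixed"
    return "review"  # outside the range the bulletin describes; check manually

def audit(inventory):
    """Map each host running the client to its status for CVE-2025-12779."""
    results = {}
    for line in inventory.splitlines():
        fields = line.split("\t")
        if len(fields) == 3 and fields[1] == PACKAGE:
            results[fields[0]] = classify(fields[2].strip())
    return results

if __name__ == "__main__":
    for host, status in sorted(audit(SAMPLE_INVENTORY).items()):
        print(f"{host}\t{status}")
```

Hosts reported as `affected` are the upgrade priority; `review` and `unknown` mean the version falls outside what the bulletin describes or could not be parsed, so those need a manual check rather than being treated as safe.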