Amazon WorkSpaces

Amazon discloses Linux WorkSpaces vulnerability in authentication tokens

2025년 11월 07일 AI에 의해 보고됨 AI에 의해 생성된 이미지

Amazon Web Services has revealed a security flaw in its WorkSpaces client for Linux that allows local attackers to extract authentication tokens and access other users' virtual desktops. The vulnerability, CVE-2025-12779, affects client versions from 2023.0 to 2024.8 and carries a CVSS score of 8.8. AWS urges immediate upgrades to version 2025.0 or later to mitigate the risk.