CVE-2025-12779_CVE-2025-12779

8.8 / 10

HIGH

CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Description

Improper handling of the authentication token in the Amazon WorkSpaces client for Linux, versions 2023.0 through 2024.8, may expose the authentication token for DCV-based WorkSpaces to other local users on the same client machine. Under certain circumstances, a local user may be able to extract another local user's authentication token from the shared client machine and access their WorkSpace.

To mitigate this issue, users should upgrade to the Amazon WorkSpaces client for Linux version 2025.0 or later.

AI Analysis

Authentication token exposure in Amazon WorkSpaces client for Linux

Basic Information

ID CVE-2025-12779

Source AMZN

Published Nov 5, 2025 at 21:20

Modified Nov 5, 2025 at 21:40

Affected Product

Vendor Amazon

Product Amazon WorkSpaces

Version 2025.0

CWE Classification

CWE-497

AI Assessment

AI Score 8.8 / 10

AI Severity High

Vendor Amazon

Product Amazon WorkSpaces client for Linux

Version 2023.0-2024.8

References

aws.amazon.com /security/security-bulletins/AWS-2025-025/

{
    "lastseen": "",
    "description": "Improper handling of the authentication token in the Amazon WorkSpaces client for Linux, versions 2023.0 through 2024.8, may expose the authentication token for DCV-based WorkSpaces to other local users on the same client machine. Under certain circumstances, a local user may be able to extract another local user's authentication token from the shared client machine and access their WorkSpace.\n\nTo mitigate this issue, users should upgrade to the Amazon WorkSpaces client for Linux version 2025.0 or later.",
    "published": "2025-11-05T21:20:51.567Z",
    "modified": "2025-11-05T21:40:20.892Z",
    "type": "cve",
    "title": "CVE-2025-12779",
    "source": "AMZN",
    "references": "https://aws.amazon.com/security/security-bulletins/AWS-2025-025/",
    "id": "CVE-2025-12779",
    "bulletinFamily": "",
    "cwe": [
        "CWE-497"
    ],
    "cvelist": null,
    "sourceData": "",
    "sourceHref": "",
    "cvss": {
        "score": 8.8,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Amazon WorkSpaces",
    "version": "2025.0",
    "vendor": "Amazon",
    "ai_description": "Authentication token exposure in Amazon WorkSpaces client for Linux",
    "ai_severity": "High",
    "ai_vendor": "Amazon",
    "ai_product": "Amazon WorkSpaces client for Linux",
    "ai_version": "2023.0-2024.8",
    "ai_score": 8.8
}