CVE Details
Basic Information
| Title | Local Privilege Escalation Vulnerability in AWS Client VPN Windows Client |
|---|---|
| Type | cve |
| Published | 2025-07-23T15:41:40.310Z |
| Modified | 2025-07-23T16:21:48.305Z |
Product Information
| Vendor | AWS |
|---|---|
| Product | Client VPN |
| Version | 4.1.0 |
CVSS Information
| Base Score | 7.3 (HIGH) |
|---|---|
| Attack Vector | CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
AI Analysis
| AI Description | A vulnerability in the AWS Client VPN for Windows allows non-admin users to place malicious code in a configuration file, which could be executed with admin privileges during installation. This issue is resolved in version 5.2.2. |
|---|---|
| AI Severity | High |
| AI Vendor | AWS |
| AI Product | AWS Client VPN |
| AI Version | 4.1.0, 5.0.0 |
Affected Products
- AWS Client VPN 4.1.0
- AWS Client VPN 5.0.0
Additional Information
| CWE List | CWE-276 |
|---|---|
| Source | AMZN |
Description
During the AWS Client VPN client installation on Windows devices, the install process references the C:\usr\local\windows-x86_64-openssl-localbuild\ssl directory location to fetch the OpenSSL configuration file. As a result, a non-admin user could place arbitrary code in the configuration file. If an admin user starts the AWS Client VPN client installation process, that code could be executed with root-level privileges. This issue does not affect Linux or Mac devices.
We recommend users discontinue any new installations of AWS Client VPN on Windows prior to version 5.2.2.
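The description above is a CWE-276 case: an installer running with elevated rights reads a file from a location that ordinary users can write to. As an added defender-side check (not code from AWS or from this advisory), the PowerShell below reports whether the affected path exists and is writable by non-privileged principals, and whether an installed AWS Client VPN is older than the fixed 5.2.2 release. The OpenSSL directory path and the 5.2.2 threshold come from the advisory; the `AWS Client VPN*` display-name filter used to find the installed version in the Uninstall registry keys, and the list of "broad" identities treated as non-admin, are assumptions of this example.

```powershell
# Added example for this advisory; not part of the AWS product or the CVE record.
# Assumptions: the Uninstall-key DisplayName starts with 'AWS Client VPN', and the
# identities in $BroadIdentities are the ones that represent non-admin users.

$OpenSslDir    = 'C:\usr\local\windows-x86_64-openssl-localbuild\ssl'   # path named in the advisory
$FixedVersion  = [System.Version]'5.2.2'                                  # first fixed release per advisory
$BroadIdentities = @(
    'Everyone',
    'BUILTIN\Users',
    'NT AUTHORITY\Authenticated Users',
    'NT AUTHORITY\INTERACTIVE'
)

function Get-AwsClientVpnVersion {
    # Read DisplayVersion from the standard per-machine Uninstall hives (64- and 32-bit views).
    $keys = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
    )
    Get-ItemProperty -Path $keys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -like 'AWS Client VPN*' } |   # assumed display name
        Select-Object -First 1 -ExpandProperty DisplayVersion
}

function Test-NonAdminWritable {
    param([Parameter(Mandatory)][string]$Path)
    # $true when any Allow ACE for a broad identity carries Write, Modify or FullControl.
    $writeMask = [System.Security.AccessControl.FileSystemRights]::Write -bor
                 [System.Security.AccessControl.FileSystemRights]::Modify -bor
                 [System.Security.AccessControl.FileSystemRights]::FullControl
    $acl = Get-Acl -Path $Path
    foreach ($ace in $acl.Access) {
        if ($ace.AccessControlType -eq 'Allow' -and
            $BroadIdentities -contains $ace.IdentityReference.Value -and
            (($ace.FileSystemRights -band $writeMask) -ne 0)) {
            return $true
        }
    }
    return $false
}

# --- Finding 1: installed version below the fixed release -------------------
$installed = Get-AwsClientVpnVersion
if ($installed) {
    if ([System.Version]$installed -lt $FixedVersion) {
        Write-Warning "AWS Client VPN $installed is installed; versions before $FixedVersion are affected. Upgrade."
    } else {
        Write-Output "AWS Client VPN $installed is at or above the fixed release $FixedVersion."
    }
} else {
    Write-Output 'AWS Client VPN not found in the Uninstall registry keys.'
}

# --- Finding 2: state of the OpenSSL configuration directory ----------------
if (Test-Path -Path $OpenSslDir) {
    if (Test-NonAdminWritable -Path $OpenSslDir) {
        Write-Warning "$OpenSslDir exists and is writable by non-admin users; do not run a pre-$FixedVersion installer on this host."
        # Show the offending ACEs so an administrator can review them.
        (Get-Acl -Path $OpenSslDir).Access |
            Where-Object { $BroadIdentities -contains $_.IdentityReference.Value } |
            Format-Table IdentityReference, FileSystemRights, AccessControlType -AutoSize
    } else {
        Write-Output "$OpenSslDir exists and is not writable by the broad identities checked."
    }
} else {
    Write-Output "$OpenSslDir does not exist on this host."
}
```

Run the script from an elevated PowerShell session so that `Get-Acl` can read the directory's security descriptor regardless of its owner. Treat a warning on either finding as a reason to hold off on running any pre-5.2.2 installer and to move to 5.2.2, which is the advisory's own recommendation; the script only reports and does not change permissions.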