AWS Patches Critical Vulnerabilities in Amazon WorkSpaces, AppStream 2.0, and DCV
Amazon Web Services (AWS) has issued a security advisory for two critical vulnerabilities (CVE-2025-0500 and CVE-2025-0501) affecting Amazon WorkSpaces, AppStream 2.0, and DCV. These vulnerabilities could allow attackers to perform man-in-the-middle attacks and gain unauthorized access to remote sessions. AWS recommends urgent updates to mitigate the risk and protect user data.
Amazon Web Services (AWS) has issued a critical security advisory addressing two vulnerabilities affecting native clients for Amazon WorkSpaces, Amazon AppStream 2.0, and Amazon DCV (Desktop Cloud Visualization). These vulnerabilities—CVE-2025-0500 and CVE-2025-0501—could allow attackers to execute man-in-the-middle (MITM) attacks and gain unauthorized access to remote sessions, posing significant risks for users.
Vulnerabilities Overview
CVE-2025-0500: This vulnerability affects clients using Amazon WorkSpaces, Amazon AppStream 2.0, and Amazon DCV when the Amazon DCV protocol is used. Malicious actors could exploit this flaw to intercept communications and access remote sessions, potentially compromising sensitive data.
- Impacted Versions:
  - Amazon WorkSpaces: Windows client 5.20.0 or earlier, macOS client 5.20.0 or earlier, Linux client 2024.1 or earlier.
  - Amazon AppStream 2.0: Windows client 1.1.1326 or earlier.
  - Amazon DCV: Various affected versions across platforms including Windows, macOS, and Linux clients.
AWS recommends upgrading to the following fixed versions:
- Amazon WorkSpaces: Windows client 5.21.0+, macOS client 5.21.0+, Linux client 2024.2+.
- Amazon AppStream 2.0: Windows client 1.1.1332+.
- Amazon DCV: Windows client 2023.1.9127+, macOS client 2023.1.6703+, Linux client 2023.1.6703+.
CVE-2025-0501: This issue is specific to Amazon WorkSpaces using the PCoIP protocol. Like CVE-2025-0500, it enables attackers to carry out MITM attacks on remote sessions, gaining unauthorized access.
- Impacted Versions:
  - Amazon WorkSpaces: Windows client 5.22.0 or earlier, macOS client 5.22.0 or earlier, Linux client 2024.5 or earlier, Android client 5.0.0 or earlier.
The recommended fixed versions for CVE-2025-0501 are:
- Amazon WorkSpaces: Windows client 5.22.1+, macOS client 5.22.1+, Linux client 2024.6+, Android client 5.0.1+.
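Because the two CVEs have different affected ranges for the same WorkSpaces clients (a Windows client on 5.21.0 is fixed for CVE-2025-0500 but still affected by CVE-2025-0501), a fleet inventory is easiest to triage by comparing each installed version against the first fixed version per CVE. The following Python is an added example, not AWS code: the fixed-version thresholds are taken from the advisory text above, the inventory rows are constructed, and the rule that CVE-2025-0500 applies only to DCV-protocol sessions and CVE-2025-0501 only to WorkSpaces PCoIP sessions is this example's reading of the advisory (an unknown protocol is treated conservatively as exposed to both).

```python
"""Triage remote-desktop client inventory against the AWS advisory's fixed versions."""
from typing import Dict, List, Optional, Tuple

# (CVE, product, platform) -> first fixed client version, as listed in the advisory.
FIXED_VERSIONS: Dict[Tuple[str, str, str], str] = {
    ("CVE-2025-0500", "WorkSpaces", "Windows"): "5.21.0",
    ("CVE-2025-0500", "WorkSpaces", "macOS"): "5.21.0",
    ("CVE-2025-0500", "WorkSpaces", "Linux"): "2024.2",
    ("CVE-2025-0500", "AppStream 2.0", "Windows"): "1.1.1332",
    ("CVE-2025-0500", "DCV", "Windows"): "2023.1.9127",
    ("CVE-2025-0500", "DCV", "macOS"): "2023.1.6703",
    ("CVE-2025-0500", "DCV", "Linux"): "2023.1.6703",
    ("CVE-2025-0501", "WorkSpaces", "Windows"): "5.22.1",
    ("CVE-2025-0501", "WorkSpaces", "macOS"): "5.22.1",
    ("CVE-2025-0501", "WorkSpaces", "Linux"): "2024.6",
    ("CVE-2025-0501", "WorkSpaces", "Android"): "5.0.1",
}


def parse_version(version: str) -> Tuple[int, ...]:
    """Split a dotted numeric version ("2023.1.6703") into an integer tuple."""
    return tuple(int(part) for part in version.strip().split("."))


def version_lt(installed: str, fixed: str) -> bool:
    """True when `installed` is strictly older than `fixed`.

    Tuples are zero-padded to equal length so that "5.22" compares equal
    to "5.22.0" instead of sorting before it.
    """
    a, b = parse_version(installed), parse_version(fixed)
    width = max(len(a), len(b))
    a += (0,) * (width - len(a))
    b += (0,) * (width - len(b))
    return a < b


def protocol_applies(cve: str, protocol: Optional[str]) -> bool:
    """Map session protocol to CVE applicability (assumption: see lead-in).

    Unknown protocol (None) is treated as exposed to both CVEs so that a
    gap in inventory data never hides an affected client.
    """
    if protocol is None:
        return True
    if cve == "CVE-2025-0500":
        return protocol == "DCV"
    return protocol == "PCoIP"  # CVE-2025-0501


def affected_cves(product: str, platform: str, version: str,
                  protocol: Optional[str] = None) -> List[str]:
    """Return the CVEs from the advisory that still apply to this client."""
    hits = []
    for (cve, prod, plat), fixed in FIXED_VERSIONS.items():
        if prod != product or plat != platform:
            continue
        if not protocol_applies(cve, protocol):
            continue
        if version_lt(version, fixed):
            hits.append(cve)
    return sorted(hits)


# Constructed sample inventory (not real hosts); protocol None = not recorded.
CONSTRUCTED_INVENTORY = [
    {"host": "lt-001", "product": "WorkSpaces", "platform": "Windows",
     "version": "5.21.0", "protocol": "PCoIP"},
    {"host": "lt-002", "product": "WorkSpaces", "platform": "Windows",
     "version": "5.21.0", "protocol": "DCV"},
    {"host": "lt-003", "product": "WorkSpaces", "platform": "macOS",
     "version": "5.20.0", "protocol": None},
    {"host": "srv-01", "product": "DCV", "platform": "Linux",
     "version": "2023.1.6702", "protocol": "DCV"},
    {"host": "kiosk-7", "product": "AppStream 2.0", "platform": "Windows",
     "version": "1.1.1332", "protocol": "DCV"},
]


def triage(inventory) -> Dict[str, List[str]]:
    """Map each host to the CVEs it is still exposed to; empty list = patched."""
    return {
        row["host"]: affected_cves(row["product"], row["platform"],
                                   row["version"], row["protocol"])
        for row in inventory
    }


if __name__ == "__main__":
    for host, cves in triage(CONSTRUCTED_INVENTORY).items():
        print(f"{host}: {'OK' if not cves else ', '.join(cves)}")
```

Hosts with an empty list meet the fixed versions for every CVE that applies to them; hosts whose protocol was not recorded will show both CVEs until the inventory is completed, which is the safer default when deciding what to upgrade first.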
Severity & Mitigation
Both vulnerabilities have been rated as high severity (CVSS score of 7.7) by AWS, with the potential for severe impact if exploited. Users of Amazon WorkSpaces, AppStream 2.0, and DCV are urged to upgrade their affected clients to the latest versions immediately to safeguard against these threats.
Implications of the Vulnerabilities
If left unpatched, these vulnerabilities could allow attackers to hijack remote sessions, potentially exposing sensitive data and compromising cloud environments. Security experts emphasize that this type of flaw underscores the ongoing challenges of maintaining security in cloud services and remote work solutions.
Best Practices for AWS Users:
AWS advises organizations to adopt best practices by staying informed of security advisories and regularly updating their software to mitigate security risks. Proactive vulnerability assessments and timely updates are crucial in maintaining a secure cloud infrastructure.
Additional Resources:
AWS has provided further guidance and information regarding these vulnerabilities. Users can find detailed security bulletins and patching recommendations here: