PT-2024-23218 · Amazon · Amazon Aws Client Vpn
Published
2024-05-28
·
Updated
2024-08-27
·
CVE-2024-30164
CVSS v3.1
6.7
Medium
| Vector | AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Amazon AWS Client VPN versions prior to 3.11.1 on Windows
Amazon AWS Client VPN versions prior to 3.9.1 on macOS
Amazon AWS Client VPN versions prior to 3.12.1 on Linux
Description
A buffer overflow issue exists that could allow a local actor to execute arbitrary commands with elevated permissions.
Recommendations
For Windows, update to version 3.11.1 or later to resolve the issue.
For macOS, update to version 3.9.1 or later to resolve the issue.
For Linux, update to version 3.12.1 or later to resolve the issue.
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Amazon Aws Client Vpn