PT-2025-45164 · Amazon · Amazon Workspaces Client For Linux
Visionlink
·
Published
2025-11-05
·
Updated
2025-12-14
·
CVE-2025-12779
CVSS v3.1
8.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Amazon WorkSpaces client for Linux versions 2023.0 through 2024.8
Description
A flaw in the handling of the authentication token within the Amazon WorkSpaces client for Linux may allow exposure of the authentication token for DCV-based WorkSpaces to other local users on the same client machine. A local user may be able to extract another local user's authentication token and access their WorkSpace under certain circumstances.
Recommendations
Upgrade to Amazon WorkSpaces client for Linux version 2025.0 or later.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Amazon Workspaces Client For Linux