PT-2025-45343 · Amazon Web Services · Res+1
Published
2025-11-06
·
Updated
2025-11-06
·
CVE-2025-12815
CVSS v4.0
5.3
Medium
| Vector | AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
AWS Research and Engineering Studio versions prior to 2025.09
Description
An ownership verification issue exists in the Virtual Desktop preview page within the Research and Engineering Studio (RES) on AWS. This issue may allow a user with network access to view metadata from another user’s active desktop session, including periodic desktop preview screenshots.
Recommendations
Upgrade to version 2025.09 or above.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Research/Engineering Studio
Res