CVE-2025-0500

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Jan 15, 2025
CWE ID 295

Summary

CVE-2025-0500 is a vulnerability affecting the native clients for Amazon WorkSpaces, Amazon AppStream 2.0, and Amazon DCV Clients. This issue enables a man-in-the-middle attacker to gain unauthorized access to remote sessions, potentially compromising sensitive data or taking control of the affected system. The vulnerability arises due to insufficient security measures in the communication between the client and the server, allowing an attacker to intercept and manipulate data in transit. It is essential for users to apply the necessary security patches and updates to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share