Vulnerability in Amazon WorkSpaces client for Linux enables unauthorized access
Take action: If you're using the Amazon WorkSpaces client for Linux, upgrade to version 2025.0. The flaw is exploitable on multi-user systems, so central jump hosts or managed platforms used by multiple customers are at highest risk. AWS has ended support for all older versions, so this update is mandatory for security and continued support.
Amazon Web Services has patched a high-severity security vulnerability in the Amazon WorkSpaces client for Linux that could allow malicious local users to extract valid authentication tokens and gain unauthorized access to other users' virtual desktop sessions.
The flaw is tracked as CVE-2025-12779 (CVSS score 8.8) and is caused by improper handling of authentication tokens within the Amazon WorkSpaces client for Linux. When vulnerable client versions operate on shared Linux systems or multi-user environments, they inadvertently leave DCV-based WorkSpaces authentication tokens accessible to other local users on the same machine. An attacker with command-line or system-level access on a shared machine could extract another user's valid authentication token from the client system and use it to access that user's WorkSpace session.
The vulnerability affects Amazon WorkSpaces client for Linux versions 2023.0 through 2024.8.
AWS patched this vulnerability in the Amazon WorkSpaces client for Linux version 2025.0 and has ended support for all affected client versions. Organizations are strongly urged to upgrade to version 2025.0 or newer.
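
To turn the version range and the multi-user condition above into a patch order for a fleet, the following added example (not AWS code) classifies reported client versions and ranks hosts. The inventory tuple format, the hostnames and the version strings are constructed, and the assumption is that a reported version starts with `major.minor`.

```python
import re

# From the advisory: 2023.0 through 2024.8 are affected, 2025.0 carries the fix.
AFFECTED_MIN, AFFECTED_MAX, FIXED_MIN = (2023, 0), (2024, 8), (2025, 0)


def classify(version_text):
    """Map a reported client version to 'fixed', 'affected', 'unlisted' or 'unknown'."""
    # Compare only major.minor; any build suffix is ignored (assumed layout).
    m = re.match(r"\s*(\d+)\.(\d+)", version_text or "")
    if not m:
        return "unknown"
    v = (int(m.group(1)), int(m.group(2)))
    if v >= FIXED_MIN:
        return "fixed"
    if AFFECTED_MIN <= v <= AFFECTED_MAX:
        return "affected"
    return "unlisted"  # below 2025.0 but outside the range the advisory names


def triage(inventory):
    """Return (priority, host, status) sorted so shared hosts with affected clients come first."""
    rows = []
    for host, version_text, local_users in inventory:
        status = classify(version_text)
        if status == "affected":
            priority = 1 if local_users > 1 else 2  # multi-user exposure first
        elif status == "fixed":
            priority = 4
        else:
            priority = 3  # cannot be cleared from the advisory alone; verify by hand
        rows.append((priority, host, status))
    return sorted(rows)


# Constructed inventory: (host, reported client version, interactive local accounts)
SAMPLE = [
    ("jump-01", "2024.8.5000-1", 14),
    ("dev-laptop-7", "2023.0", 1),
    ("kiosk-3", "2025.0.1", 3),
    ("legacy-vm", "4.7.0", 2),
    ("build-02", "", 5),
]

if __name__ == "__main__":
    for priority, host, status in triage(SAMPLE):
        print(f"P{priority}  {host:13} {status}")
```

Hosts that land in priority 3 report a version the advisory does not name or no version at all, so they need a manual check rather than being treated as safe.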