CVE-2025-0501
Issue affecting Amazon WorkSpaces Clients (when running PCoIP protocol)
An issue in the native clients for Amazon WorkSpaces (when running PCoIP protocol) may allow an attacker to access remote sessions via man-in-the-middle.
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected products
Amazon · WorkSpaces ClientWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://aws.amazon.com/security/security-bulletins/AWS-2025-001/https://docs.aws.amazon.com/workspaces/latest/userguide/amazon-workspaces-android-client.html#android-release-noteshttps://docs.aws.amazon.com/workspaces/latest/userguide/amazon-workspaces-linux-client.html#linux-release-noteshttps://docs.aws.amazon.com/workspaces/latest/userguide/amazon-workspaces-osx-client.html#osx-release-noteshttps://docs.aws.amazon.com/workspaces/latest/userguide/amazon-workspaces-windows-client.html#windows-release-notes