CVE-2025-13524

CVSS 6.8 MEDIUMEPSS 0.2%CWE-404

Improper resource release in the call termination process in AWS Wickr before version 6.62.13 on Windows, macOS and Linux may allow a call participant to continue receiving audio input from another user after they close their call window. This issue occurs under certain conditions, which require the affected user to take a particular action within the application To mitigate this issue, users should upgrade AWS Wickr, Wickr Gov and Wickr Enterprise desktop version to version 6.62.13.

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Productos afectados

AWS · Wickr AWS · Wickr Enterprise AWS · Wickr Gov

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://aws.amazon.com/security/security-bulletins/AWS-2025-029/https://docs.aws.amazon.com/wickr/latest/enterpriseadminguide/clients-release-notes-6.62.html