CVE-2025-0501
Issue affecting Amazon WorkSpaces Clients (when running PCoIP protocol)
An issue in the native clients for Amazon WorkSpaces (when running PCoIP protocol) may allow an attacker to access remote sessions via man-in-the-middle.
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Produtos afetados
Amazon · WorkSpaces ClientQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://aws.amazon.com/security/security-bulletins/AWS-2025-001/https://docs.aws.amazon.com/workspaces/latest/userguide/amazon-workspaces-android-client.html#android-release-noteshttps://docs.aws.amazon.com/workspaces/latest/userguide/amazon-workspaces-linux-client.html#linux-release-noteshttps://docs.aws.amazon.com/workspaces/latest/userguide/amazon-workspaces-osx-client.html#osx-release-noteshttps://docs.aws.amazon.com/workspaces/latest/userguide/amazon-workspaces-windows-client.html#windows-release-notes