Amazon has released a security update for the WorkSpaces client for Linux, addressing a high-severity vulnerability (CVE-2025-12779) that could allow local users to extract valid authentication tokens and gain unauthorized access to another user’s virtual WorkSpace.
The flaw, rated CVSS 8.8, affects Amazon WorkSpaces client versions 2023.0 through 2024.8 and has been patched in version 2025.0. Amazon urges all Linux users to upgrade immediately to protect against potential exploitation.
According to Amazon’s advisory, “Improper handling of the authentication token in the Amazon WorkSpaces client for Linux, versions 2023.0 through 2024.8, may expose the authentication token for DCV-based WorkSpaces to other local users on the same client machine.”
CVE-2025-12779 stems from the improper handling of authentication tokens within the Linux version of the WorkSpaces client — a desktop virtualization tool that enables remote access to cloud-based desktops hosted on AWS infrastructure.
In practical terms, this flaw allows an unintended local user to extract a valid authentication token from a shared or multi-user Linux system. Once obtained, the token could be used to authenticate into another user’s WorkSpace session, effectively granting unauthorized access to files, applications, and internal systems.
As Amazon explains, “Under certain circumstances, an unintended user may be able to extract a valid authentication token from the client machine and access another user’s WorkSpace.”
While the vulnerability does not enable remote exploitation, its impact is significant in multi-user environments, such as corporate terminals, shared virtual machines, or thin-client deployments — common setups where multiple employees access WorkSpaces via the same Linux host.
Amazon has resolved the issue in version 2025.0 of the WorkSpaces client for Linux, introducing secure token handling and improved session isolation. Customers can download the updated version directly from the Amazon WorkSpaces Client Download page.
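An added example, not from Amazon's advisory or the original article: a shell triage that classifies WorkSpaces Linux client versions against the range stated above and ranks affected multi-user hosts first. The inventory lines, host names, build numbers, and function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: triage client versions against CVE-2025-12779.
# Range from the article: 2023.0 through 2024.8 affected, fixed in 2025.0.

# classify_version VERSION -> affected | patched | not-listed | unparsed
classify_version() {
    ver=$1
    case "$ver" in *.*) ;; *) echo unparsed; return 0 ;; esac
    major=${ver%%.*}
    rest=${ver#*.}
    minor=${rest%%[!0-9]*}          # digits up to the next '.', '-' or '~'
    case "$major" in ''|*[!0-9]*) echo unparsed; return 0 ;; esac
    [ -n "$minor" ] || { echo unparsed; return 0; }
    if [ "$major" -ge 2025 ]; then
        echo patched
    elif [ "$major" -eq 2023 ] || { [ "$major" -eq 2024 ] && [ "$minor" -le 8 ]; }; then
        echo affected
    else
        echo not-listed             # outside the range the advisory names
    fi
}

# triage_host HOST VERSION LOCAL_USERS -> one report line.
# Affected hosts with more than one local account rank highest, because the
# token is exposed to other local users on the same machine.
triage_host() {
    status=$(classify_version "$2")
    prio=none
    if [ "$status" = affected ]; then
        if [ "$3" -gt 1 ]; then prio=high; else prio=normal; fi
    fi
    echo "$1 $2 $status priority=$prio"
}

triage_inventory() {
    while read -r host ver users; do
        [ -n "$host" ] || continue
        triage_host "$host" "$ver" "$users"
    done
}

# Constructed inventory: host, client version, interactive local accounts.
sample_inventory() {
    cat <<'EOF'
kiosk-01 2024.8.5191 6
dev-laptop-07 2023.2.4580 1
thin-12 2025.0.5000 4
lab-03 2022.4.100 3
EOF
}

sample_inventory | triage_inventory
```

In practice the three columns would come from your own package and account inventory rather than the constructed sample.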