CVE-2025-4318 (CVSS 9.5): AWS Amplify RCE Flaw Exposed with PoC – CI/CD Pipelines at Risk

A critical vulnerability in AWS Amplify’s UI generation tool, @aws-amplify/codegen-ui, is putting developers—and their build pipelines—at serious risk. Tracked as CVE-2025-4318, the flaw has a staggering CVSS score of 9.5, and if exploited, could allow attackers to execute arbitrary system commands on CI/CD servers, leak AWS secrets, or hijack the underlying Node.js environment.

According to SecureLayer7’s detailed write-up, “the issue arises from improper input sanitization of JavaScript property expressions, resulting in remote code execution (RCE) during build or render time.”

AWS Amplify Studio allows developers to visually create UI components and define dynamic logic via stringified JavaScript expressions—e.g., for labels, placeholders, or form behavior. These expressions are stored as JSON and later parsed and evaluated during the build process.

Unfortunately, in vulnerable versions, these expressions were treated as safe by default. The vulnerable code looked like this:

export function evaluateExpression(expression: string): any {
  return eval(expression); // UNSAFE
}

As SecureLayer7 emphasized, “the system assumed expressions defined in component JSON were safe—ignoring scenarios where these JSONs might be generated or edited by external users.”

In their proof-of-concept, SecureLayer7 injected a malicious JavaScript snippet into the placeholder.value field of a component JSON. When the Amplify code generator parsed the expression, it ran as actual code—creating a file named /tmp/rce-success to prove successful exploitation.

“This is akin to copying a string from a form field and running it in your terminal as bash $user_input. Without strong validation, it gives full control to the attacker.”

In a CI/CD environment, this could be catastrophic—exposing environment variables, credentials, and tokens.

AWS responded by releasing version 2.20.3, replacing eval() with a stricter safeEval() function wrapped in a new sandbox.ts module.

if (!isValidExpression(expr)) {

    throw new Error(“Unsafe expression detected.”);

  }

  return Function(‘”use strict”; return (‘ + expr + ‘)’)();

}

function isValidExpression(expr: string): boolean {

  const blacklist = [‘require’, ‘process’, ‘child_process’, ‘global’, ‘Function’, ‘eval’];

  return !blacklist.some(word => expr.includes(word));

}

The new logic filters out dangerous keywords (require, process, child_process, etc.) and eliminates access to sensitive Node.js modules.

The researchers created a self-contained test lab replicating the vulnerability. It included:

• A malicious MaliciousRCEComponent.json
• A run.js script to simulate Amplify’s behavior
• A Python-based exploit script to automate injection

By running the setup, they triggered RCE locally, validating the vulnerability’s severity.

Related Posts:

• Critical AWS Amplify Studio Flaw Allows Code Execution – Update Now!
• Attackers Turn Digital Analytics Tools into Weapons, Experts Warn
• Ransomhub’s SCADA Hack: A Wake-Up Call for Industrial Cybersecurity