Category: Amazon
-
Amazon WorkSpaces security vulnerability (CVE-2025-0501)
CVE-2025-0501 is a security vulnerability affecting native Amazon WorkSpaces clients that use the PCoIP protocol. The flaw is rooted in improper certificate validation (CWE-295), which can allow an attacker to conduct a man‑in‑the‑middle (MITM) attack. If exploited, an adversary may intercept or manipulate remote WorkSpaces sessions, thereby gaining unauthorized access. Affected Versions: The vulnerability has…
-
Amazon WorkSpaces, AppStream 2.0 and DCV security vulnerability (CVE-2025-0500)
CVE-2025-0500 is a security vulnerability identified in specific versions of native clients for Amazon WorkSpaces (using the Amazon DCV protocol), Amazon AppStream 2.0, and Amazon DCV. This flaw could allow an attacker to perform a man-in-the-middle (MITM) attack, potentially granting unauthorized access to remote sessions. Affected Versions: Amazon has addressed this vulnerability in subsequent releases.…