Amazon updates Linux WorkSpaces client after security vulnerability.
Although it is more common to see media headlines concerning dangers from hackers and scammers around the various Prime and Black Friday sales, Amazon Web Services does not escape unscathed. Outages caused by DNS, ransomware attacks that are supposedly impossible to recover from, or, most aptly right now, high-severity cloud security vulnerabilities have all had their day. And that day has come again, this time as Amazon confirms another security vulnerability impacting Linux WorkSpace client users that requires immediate action to address. Here’s what you need to know about CVE-2025-12779.
Amazon Linux Authentication Security Warning As CVE-2025-12779 Confirmed
Amazon Web Services has issued a security bulletin, AWS-2025-025, that warns of improper handling of Linux WorkSpaces authentication tokens.
“Under certain circumstances,” Amazon said, “an unintended user may be able to extract a valid authentication token from the client machine and access another user’s WorkSpace.” Yes, this is as bad as it sounds, and is why the vulnerability in question, CVE-2025-12779, very nearly hits critical status with an 8.8 Common Vulnerability Scoring System rating.
CVE-2025-12779 concerns improper handling of the authentication token in the Linux client, specifically versions 2023.0 through 2024.8, and could result in exposure of the authentication token for DCV-based WorkSpaces to other local users on the same client machine.
I reached out to Amazon Web Services for a statement, and a spokesperson advised that “This issue was fixed in the Amazon WorkSpaces client for Linux version 2025.0. We recommend upgrading to this or a later version to remediate the issue.”
“We have proactively communicated with customers regarding the end of support for the impacted client versions,” Amazon has confirmed.
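For anyone who needs to find affected clients across a fleet, the version ranges above translate into a simple audit. The shell script below is an added example, not code from Amazon or the bulletin; the Debian package name `workspacesclient`, the "hostname version" inventory format, and the sample hostnames and build numbers are assumptions.

```shell
# Added example. Ranges come from the article: affected 2023.0 through 2024.8,
# fixed in 2025.0 and later. Anything else is reported as "not-listed".
classify_version() {
    v=$1
    case $v in
        [0-9][0-9][0-9][0-9].[0-9]*) ;;          # expect YYYY.N[.build]
        *) echo unknown; return 0 ;;
    esac
    major=${v%%.*}
    rest=${v#*.}
    minor=${rest%%[!0-9]*}                       # drop any build suffix
    if [ "$major" -ge 2025 ]; then
        echo fixed
    elif [ "$major" -eq 2023 ]; then
        echo affected
    elif [ "$major" -eq 2024 ] && [ "$minor" -le 8 ]; then
        echo affected
    else
        echo not-listed                          # e.g. pre-2023 or 2024.9
    fi
}

# Reads "hostname version" lines on stdin; prints hosts that need the upgrade.
affected_hosts() {
    while read -r host ver extra; do
        case $host in ''|'#'*) continue ;; esac  # skip blanks and comments
        if [ "$(classify_version "$ver")" = affected ]; then
            echo "$host"
        fi
    done
}

# Status of the client on this machine. Assumption: it was installed from a
# Debian package named "workspacesclient"; adjust for other packaging.
local_client_status() {
    ver=$(dpkg-query -W -f='${Version}' workspacesclient 2>/dev/null) || ver=
    classify_version "$ver"
}

# Constructed inventory: hostnames and build numbers are sample data.
SAMPLE_INVENTORY='# host version
kiosk-01 2024.8.5130
dev-07 2025.0.5200
lab-03 2023.0.4395
old-11 4.7.0.4312
'
printf '%s' "$SAMPLE_INVENTORY" | affected_hosts
```

Versions the article does not mention are reported as "not-listed" rather than assumed safe, so they can be reviewed separately.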
