- Description
- An issue in the native clients for Amazon WorkSpaces (when running Amazon DCV protocol), Amazon AppStream 2.0, and Amazon DCV Clients may allow an attacker to access remote sessions via man-in-the-middle.
- Source
- ff89ba41-3aa1-4d27-914a-91399e9639e5
- NVD status
- Awaiting Analysis
CVSS 4.0
- Type
- Secondary
- Base score
- 7.7
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- HIGH
CVSS 3.1
- Type
- Secondary
- Base score
- 7.5
- Impact score
- 5.9
- Exploitability score
- 1.6
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
- ff89ba41-3aa1-4d27-914a-91399e9639e5
- CWE-295
- Hype score
- Not currently trending
AWS の脆弱性 CVE-2025-0500/0501 が FIX:WorkSpaces/AppStream 2.0/DCV クライアントに影響 https://t.co/B9iekjm4KV AWS クライアアントに存在する、2件の脆弱性が FIXしました。どちらも、CVSSv4 スコアは 7.7 と評価されています。ご利用のチームは、ご注意ください。 #Amazon #AppStream… https://t.co/bVPLG0rJrq
@iototsecnews
28 Jan 2025
54 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
سرویس آمازون یا همان AWS چندین آسیب پذیری با کدهای شناسایی CVE-2025-0500 و CVE-2025-0501 را برای محصولات Amazon WorkSpaces و Amazon AppStream 2.0 و Amazon NICE DCV اعلام نموده است. این آسیب پذیری ها از نوع mitm یا همان man in the middle می باشند. https://t.co/Poz3aKYxT1 https://t
@AmirHossein_sec
21 Jan 2025
22 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 Amazon has patched critical vulnerabilities (CVE-2025-0500 & CVE-2025-0501) in WorkSpaces, AppStream 2.0, and DCV clients. These could enable MITM attacks. Update now! 💻🔒 #Amazon #CyberThreats #MITM #CybersecurityNews link: https://t.co/HOXcFZx8Vh https://t.co/48jhDBmQk
@TweetThreatNews
18 Jan 2025
38 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
AWS WorkSpaces, AppStream 2.0 ve DCV İstemcilerinde Kritik Güvenlik Açıkları (CVE-2025-0500 ve CVE-2025-0501) https://t.co/p2iPaMVOAk
@cyberwebeyeos
17 Jan 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-0500 Man-in-the-Middle Vulnerability in Amazon Remote Client Software https://t.co/ouDGeghMry
@VulmonFeeds
16 Jan 2025
49 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes