Amazon Workspaces
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Amazon Workspaces.
Recent Amazon Workspaces Security Advisories
| Advisory | Title | Published |
|---|---|---|
| 2025-11-05 | Improper authentication token handling in the Amazon WorkSpaces client for Linux | November 5, 2025 |
| 2025-01-15 | Issue with Amazon WorkSpaces, Amazon AppStream 2.0, and Amazon DCV (CVE-2025-0500 and CVE-2025-0501) | January 15, 2025 |
| 2023-10-06 | Issue with Amazon WorkSpaces Windows Client Version 5.9 and 5.10 | October 6, 2023 |
By the Year
In 2026 there have been 0 vulnerabilities in Amazon Workspaces. Last year, in 2025 Workspaces had 1 security vulnerability published. Right now, Workspaces is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 1 | 8.80 |
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 2 | 8.80 |
It may take a day or so for new Workspaces vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Amazon Workspaces Security Vulnerabilities
Amazon WorkSpaces Linux Client 2023-2024 Auth Token Leak to Local Users
CVE-2025-12779
8.8 - High
- November 05, 2025
Improper handling of the authentication token in the Amazon WorkSpaces client for Linux, versions 2023.0 through 2024.8, may expose the authentication token for DCV-based WorkSpaces to other local users on the same client machine. Under certain circumstances, a local user may be able to extract another local user's authentication token from the shared client machine and access their WorkSpace. To mitigate this issue, users should upgrade to the Amazon WorkSpaces client for Linux version 2025.0 or later.
Exposure of Sensitive System Information to an Unauthorized Control Sphere
Amazon Amazon WorkSpaces agent is affected by Integer Overflow
CVE-2021-43638
8.8 - High
- December 07, 2021
Amazon Amazon WorkSpaces agent is affected by Integer Overflow. IOCTL Handler 0x22001B in the Amazon WorkSpaces agent below v1.0.1.1537 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
Integer Overflow or Wraparound
Amazon WorkSpaces agent is affected by Buffer Overflow
CVE-2021-43637
8.8 - High
- December 07, 2021
Amazon WorkSpaces agent is affected by Buffer Overflow. IOCTL Handler 0x22001B in the Amazon WorkSpaces agent below v1.0.1.1537 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
Classic Buffer Overflow
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Amazon Workspaces or by Amazon? Click the Watch button to subscribe.
