AWS Client VPN
cpe:2.3:a:amazon:aws_client_vpn:*:*:*:*:*:*:*
- >= 1.3.2, <= 5.2.0
A local privilege escalation vulnerability has been identified in the AWS VPN Client for macOS, affecting versions 1.3.2 through 5.2.0. The issue arises from improper validation of the log destination directory during log rotation, which could allow a non-administrator user to create a symbolic link from a client log file to a privileged location. If the user then made crafted API calls that injected arbitrary code into the log file, this could be executed with root privileges upon log rotation. This vulnerability does not affect the Windows or Linux versions of the AWS VPN Client.
Exploitation of this vulnerability could lead to unauthorized code execution with root privileges on the affected macOS system.
Users are advised to upgrade to AWS VPN Client for macOS version 5.2.1 or the latest version available.
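The log rotation weakness described above comes down to a privileged process trusting a log path that an unprivileged user can replace with a symbolic link. The following is an added example, not code from AWS or from the VPN client: a generic check that a rotation routine running as root could apply before touching a log file. The function names, directory layout and file names are hypothetical, and the sample files are constructed in a temporary directory.

```python
import os
import stat
import tempfile

def open_log_for_rotation(log_path, log_root):
    """Return a read-only fd for log_path, or raise ValueError if it is unsafe to rotate."""
    root = os.path.realpath(log_root)
    parent = os.path.realpath(os.path.dirname(log_path))
    # The resolved parent directory must stay inside the expected log directory.
    if os.path.commonpath([root, parent]) != root:
        raise ValueError("log directory resolves outside the log root")
    try:
        # O_NOFOLLOW makes open() fail when the final path component is a symlink.
        fd = os.open(log_path, os.O_RDONLY | os.O_NOFOLLOW | os.O_NONBLOCK)
    except OSError as exc:
        raise ValueError(f"refusing to open log: {exc}") from exc
    info = os.fstat(fd)
    # These checks run on the open descriptor, so a later path swap cannot change them.
    if not stat.S_ISREG(info.st_mode) or info.st_nlink != 1:
        os.close(fd)
        raise ValueError("log is not a singly linked regular file")
    return fd

def demo():
    """Constructed sample: one ordinary log and one log replaced by a symlink."""
    results = {}
    with tempfile.TemporaryDirectory() as base:
        log_root = os.path.join(base, "logs")          # hypothetical log directory
        os.mkdir(log_root)
        outside = os.path.join(base, "privileged_target")
        open(outside, "w").close()
        good = os.path.join(log_root, "client.log")
        with open(good, "w") as f:
            f.write("sample line\n")
        bad = os.path.join(log_root, "linked.log")
        os.symlink(outside, bad)                       # link pointing outside the log root
        for name, path in (("regular", good), ("symlink", bad)):
            try:
                os.close(open_log_for_rotation(path, log_root))
                results[name] = "accepted"
            except ValueError:
                results[name] = "rejected"
    return results

if __name__ == "__main__":
    print(demo())
```

Rotation code would then read, rename or truncate through the returned descriptor rather than reopening the path by name.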