AWS VPN Client Security Update Advisory (CVE-2024-30165)

Overview

 

AWS (Amazon Web Services) has released updates to fix vulnerabilities in their products. Users of affected versions are advised to update to the latest version.

 

Affected Products

 

CVE-2024-30165

  • Amazon AWS Client VPN 3.9.1 previous version (macOS)

 

 

Resolved Vulnerabilities

 

Buffer overflow vulnerability that allows local attackers to execute arbitrary commands with elevated privileges (CVE-2024-30165)

 

Vulnerability Patches

 

Vulnerability Patches have been made available in the latest updates. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

 

CVE-2024-30165

  • Amazon AWS Client VPN version 3.9.1 (macOS)

 

 

Referenced Sites

[1] CVE-2024-30165 Detail

https://nvd.nist.gov/vuln/detail/CVE-2024-30165

[2] AWS Client VPN for macOS

https://docs.aws.amazon.com/vpn/latest/clientvpn-user/client-vpn-connect-macos.html

Article Link: AWS VPN Client Security Update Advisory (CVE-2024-30165) – ASEC