Overview
AWS (Amazon Web Services) has released updates to fix vulnerabilities in their products. Users of affected versions are advised to update to the latest version.
Affected Products
CVE-2024-30165
- Amazon AWS Client VPN 3.9.1 previous version (macOS)
Resolved Vulnerabilities
Buffer overflow vulnerability that allows local attackers to execute arbitrary commands with elevated privileges (CVE-2024-30165)
Vulnerability Patches
Vulnerability Patches have been made available in the latest updates. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.
CVE-2024-30165
- Amazon AWS Client VPN version 3.9.1 (macOS)
Referenced Sites
[1] CVE-2024-30165 Detail
https://nvd.nist.gov/vuln/detail/CVE-2024-30165
[2] AWS Client VPN for macOS
https://docs.aws.amazon.com/vpn/latest/clientvpn-user/client-vpn-connect-macos.html
Article Link: AWS VPN Client Security Update Advisory (CVE-2024-30165) – ASEC