Remote Code Execution Vulnerability Found in AWS WorkSpaces

Rhino Security Labs researchers have identified a vulnerability in the AWS WorkSpaces desktop client that could allow an attacker to execute arbitrary code remotely.
Tracked as CVE-2021-38112, the security bug could be triggered when the user opens a malicious WorkSpaces URI from the browser, allowing a remote attacker to execute arbitrary code on the vulnerable system.
read more