CVE-2025-8069

During the AWS Client VPN client installation on Windows devices, the install process references the C:\usr\local\windows-x86_64-openssl-localbuild\ssl directory location to fetch the OpenSSL configuration file. As a result, a non-admin user could place arbitrary code in the configuration file. If an admin user starts the AWS Client VPN client installation process, that code could be executed with root-level privileges. This issue does not affect Linux or Mac devices. We recommend users discontinue any new installations of AWS Client VPN on Windows prior to version 5.2.2.

CVSS v3 7.8 HIGH

7.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://aws.amazon.com/security/security-bulletins/AWS-2025-014/
https://docs.aws.amazon.com/vpn/latest/clientvpn-user/client-vpn-connect-windows-release-notes.html

Configurations

No configuration.

History

14 Oct 2025, 18:15

Type	Values Removed	Values Added
Summary		(es) Durante la instalación del cliente AWS Client VPN en dispositivos Windows, el proceso de instalación utiliza el directorio C:\usr\local\windows-x86_64-openssl-localbuild\ssl para obtener el archivo de configuración de OpenSSL. Por lo tanto, un usuario no administrador podría insertar código arbitrario en el archivo de configuración. Si un usuario administrador inicia la instalación del cliente AWS Client VPN, dicho código podría ejecutarse con privilegios de root. Este problema no afecta a dispositivos Linux ni Mac. Recomendamos a los usuarios que interrumpan cualquier instalación nueva de AWS Client VPN en Windows anterior a la versión 5.2.2.
References		() https://docs.aws.amazon.com/vpn/latest/clientvpn-user/client-vpn-connect-windows-release-notes.html -

23 Jul 2025, 16:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-07-23 16:15

Updated : 2025-10-14 18:15

NVD link : CVE-2025-8069

Mitre link : CVE-2025-8069

CVE.ORG link : CVE-2025-8069

JSON object : View

Products Affected

No product.

CWE

CWE-276

Incorrect Default Permissions

{"id": "CVE-2025-8069", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "ff89ba41-3aa1-4d27-914a-91399e9639e5", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}], "cvssMetricV40": [{"type": "Secondary", "source": "ff89ba41-3aa1-4d27-914a-91399e9639e5", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 7.3, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-07-23T16:15:29.243", "references": [{"url": "https://aws.amazon.com/security/security-bulletins/AWS-2025-014/", "source": "ff89ba41-3aa1-4d27-914a-91399e9639e5"}, {"url": "https://docs.aws.amazon.com/vpn/latest/clientvpn-user/client-vpn-connect-windows-release-notes.html", "source": "ff89ba41-3aa1-4d27-914a-91399e9639e5"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "ff89ba41-3aa1-4d27-914a-91399e9639e5", "description": [{"lang": "en", "value": "CWE-276"}]}], "descriptions": [{"lang": "en", "value": "During the AWS Client VPN client installation on Windows devices, the install process references the C:\\usr\\local\\windows-x86_64-openssl-localbuild\\ssl directory location to fetch the OpenSSL configuration file. As a result, a non-admin user could place arbitrary code in the configuration file. If an admin user starts the AWS Client VPN client installation process, that code could be executed with root-level privileges. This issue does not affect Linux or Mac devices. \n\nWe recommend users discontinue any new installations of AWS Client VPN on Windows prior to version 5.2.2."}, {"lang": "es", "value": "Durante la instalaci\u00f3n del cliente AWS Client VPN en dispositivos Windows, el proceso de instalaci\u00f3n utiliza el directorio C:\\usr\\local\\windows-x86_64-openssl-localbuild\\ssl para obtener el archivo de configuraci\u00f3n de OpenSSL. Por lo tanto, un usuario no administrador podr\u00eda insertar c\u00f3digo arbitrario en el archivo de configuraci\u00f3n. Si un usuario administrador inicia la instalaci\u00f3n del cliente AWS Client VPN, dicho c\u00f3digo podr\u00eda ejecutarse con privilegios de root. Este problema no afecta a dispositivos Linux ni Mac. Recomendamos a los usuarios que interrumpan cualquier instalaci\u00f3n nueva de AWS Client VPN en Windows anterior a la versi\u00f3n 5.2.2."}], "lastModified": "2025-10-14T18:15:37.230", "sourceIdentifier": "ff89ba41-3aa1-4d27-914a-91399e9639e5"}