CVE-2025-8069 - AWS Client VPN Windows Client Local Privilege Escalation

2025 014 ยท 2026-06-05

Actions

Rate this issue

Technical Details

Affected Versions 4.1.0, 5.0.0, 5.0.1, 5.0.2, 5.1.0, 5.2.0, 5.2.1
Regions all
CVE IDs CVE-2025-8069
Migration Required Yes
Cost Impact Neutral

What This Means

For DevOps Teams

Update the AWS Client VPN client installations on Windows devices to version 5.2.2 to address the local privilege escalation vulnerability (CVE-2025-8069) and prevent potential security risks associated with arbitrary code execution during the installation process.

For Platform Teams

Deploy the latest AWS Client VPN client version 5.2.2 across Windows devices to resolve the identified security issue (CVE-2025-8069) and maintain the integrity and security of VPN connections to AWS and on-premises resources.

For Executives

Implement the updated AWS Client VPN client version 5.2.2 to mitigate the local privilege escalation vulnerability (CVE-2025-8069) and ensure secure access to AWS and on-premises resources, thereby reducing the risk of unauthorized access and potential security breaches.

Source

View original AWS announcement โ†’

Weekly AWS Digest in Your Inbox

No spam, no headlines. Just a weekly summary of the 3โ€“7 AWS changes that matter for DevOps and Platform teams.

๐Ÿ“ง Exactly 1 email per week โ€ข Every Tuesday โ€ข Unsubscribe anytime

Today: AWS only. Coming next: Azure and other major clouds.