CVE-2025-9039 — Vulnetix

Try Vulnetix Request Demo

CVE-2025-9039 PUBLISHED CVSS 5.300000190734863 MEDIUM

Information Disclosure in Amazon ECS Container Agent

EPSS 0.04% · 11.0th percentile

Risk Scores

CVSS v4.0

5.300000190734863

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

EPSS Score

0.04%

11.0th percentile

Affected Products

Vendor	Product	Versions
github.com	aws/amazon-ecs-agent	0.0.3
Amazon	ECS	0.0.3

Timeline

Aug 14, 2025 CVE Published
Aug 14, 2025 PoC Published
Aug 14, 2025 PoC Published
Aug 14, 2025 PoC Published
Aug 15, 2025 EPSS Score
Aug 16, 2025 PoC Published
Aug 23, 2025 EPSS Score
Aug 30, 2025 EPSS Score
Sep 7, 2025 EPSS Score
Sep 10, 2025 PoC Published
Sep 15, 2025 EPSS Score
Sep 22, 2025 EPSS Score

References

https://github.com/aws/amazon-ecs-agent/releases/tag/v1.97.1 patch
https://aws.amazon.com/security/security-bulletins/AWS-2025-018/ vendor-advisory
https://github.com/aws/amazon-ecs-agent/security/advisories/GHSA-wm7x-ww72-r77q vendor-advisory
https://nvd.nist.gov/vuln/detail/CVE-2025-9039 advisory
https://aws.amazon.com/security/security-bulletins/AWS-2025-018 url
https://github.com/aws/amazon-ecs-agent package

Open in Interactive Console →