VDB
GCVE-110-CLOUD-2024-0027
GCVE-110-CLOUD-2024-0027
Advisory Published
The AWS Client VPN service was found to be affected by two
vulnerabilities which could potentially allow malicious actors with access to
a user’s device to execute arbitrary commands with elevated privileges,
including escalating to root access. Both vulnerabilities stem from buffer
overflow issues, a common programming error that can be exploited to overwrite
memory and gain unauthorized control over a system. The impact of these
vulnerabilities is severe, as successful exploitation could lead to complete
compromise of an affected device. Attackers could gain access to sensitive
data, install malware, or disrupt system operations. Given the widespread use
of AWS Client VPN for secure remote access, the potential for widespread
exploitation is a significant concern. AWS has acted swiftly to address these
vulnerabilities, releasing updated versions of the Client VPN software for all
supported platforms. However, the onus is on users to promptly apply these
updates to mitigate the risk.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| AWS | Cloud Services | — | — |
| AWS | AWS Client VPN | — | — |
Aliases
Browse GCVE Records
73,443 records in the GCVE database · Updated July 18, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.