CVE-2025-11462
Severity: HIGH
AWS VPN Client for macOS <5.2.0 - Privilege Escalation
Title source: llmDescription
Improper Link Resolution Before File Access in the AWS VPN Client for macOS versions 1.3.2 - 5.2.0 allows a local user to execute code with elevated privileges. Insufficient validation checks on the log destination directory during log rotation could allow a non-administrator user to create a symlink from a client log file to a privileged location. On log rotation, this could lead to code execution with root privileges if the user made crafted API calls which injected arbitrary code into the log file. We recommend users upgrade to AWS VPN Client for macOS 5.2.1 or the latest version.
References (2)
vendor-advisory: https://aws.amazon.com/security/security-bulletins/AWS-2025-020/
patch, release-notes: https://docs.aws.amazon.com/vpn/latest/clientvpn-user/client-vpn-connect-macos-release-notes.html
Scores
CVSS v3: 7.8
EPSS: 0.0021
EPSS Percentile: 10.7%
Attack Vector: LOCAL
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC (Vulnrichment)
Exploitation: none
Automatable: no
Technical Impact: total
Details
CWE: CWE-59
Status: published
Products (1)
AWS/Client VPN: 1.3.2 - 5.2.1
Published: Oct 07, 2025
Tracked Since: Feb 18, 2026