CVE-2026-14904
MEDIUMAWS RES 2026.03 - Auth.GetUserPrivateKey Arbitrary File Read
Title source: manualDescription
AWS Research and Engineering Studio (RES) is an open-source solution that enables researchers and engineers to create and manage secure virtual desktops and computing resources on AWS. Improper link resolution before file access issue (CWE-59) in the Auth.GetUserPrivateKey API. An authenticated remote user could read arbitrary files on the cluster-manager EC2 instance by replacing their SSH private key file (~/.ssh/id_rsa) with a symbolic link targeting any file on the host. Because the cluster-manager process runs as root, any file readable by root is exposed, including other users' SSH private keys and application configuration secrets. It's recommended to upgrade to RES version 2026.06.
References (2)
Core 2
Core References
Release Notes release-notes
https://github.com/aws/res/releases/tag/2026.06
Vendor Advisory vendor-advisory
https://aws.amazon.com/security/security-bulletins/2026-053-aws/
Scores
CVSS v3
6.5
EPSS
0.0038
EPSS Percentile
30.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-59
Status
published
Products (1)
AWS/res
< 2026.03
Published
Jul 07, 2026
Tracked Since
Jul 07, 2026