AWS Among 12 Cloud Services Affected by Flaws in Eltima SDK

Researchers have found a number of high-security vulnerabilities in third-party driver software – bugs that originated in a library created by network virtualization firm Eltima – that leave about a dozen cloud services used by millions of users worldwide open to privilege-escalation attacks.

That includes Amazon WorkSpaces, Accops and NoMachine, among others: all apps that enable remote desktop access by using the Eltima SDK (software development kit) to enable the company’s “USB Over Ethernet” product. USB Over Ethernet enables sharing of multiple USB devices over Ethernet, allowing users to connect to devices such as webcams on remote machines anywhere in the world as if the devices were physically plugged into their own computers.

The flaws are in the USB Over Ethernet function of the Eltima SDK, not in the cloud services themselves. Because of code-sharing between the server side and the end user apps, they affect both clients – such as laptops and desktops running Amazon WorkSpaces software – and cloud-based machine instances that rely on services such as Amazon Nimble Studio AMI that run in Amazon Cloud.

The flaws allow attackers to escalate privileges so that they can launch a slew of malicious actions, including to kick the

Read More: https://threatpost.com/aws-cloud-services-flaws-eltima/176852/