Amazon WorkSpaces Windows client credential logging

Published Fri, Oct 6th, 2023


AWS identified an issue in the Amazon WorkSpaces Windows client which resulted in unintentionally logging connection debugging information to a user's local system. This data could include usernames or passwords if they contain specific characters: \ (backslash) or " (double quotes). If an attacker gained access to an Amazon WorkSpaces user's machine, they could then compromise such credentials from the log.

Affected Services

Amazon WorkSpaces


Update the client to version 5.11.0 or higher. New versions of the client will automatically delete local logs generated by vulnerable versions.

Tracked CVEs

No tracked CVEs


Disclosure Date
Exploitablity Period
Known ITW Exploitation
Detection Methods
Piercing Index Rating
Discovered by