Last Updated on 09/12/2021 by Nidhi Khandelwal
The issues affect Amazon WorkSpaces and other cloud services that employ USB over Ethernet, and might allow attackers to disable security and get kernel-level privileges.
Researchers discovered a number of high-security flaws in a library produced by network virtualization company Eltima, exposing approximately a dozen cloud services used by millions of people around the world to privilege-escalation attacks.
This includes, among others, Amazon WorkSpaces, Accops, and NoMachine: all programmes that use the Eltima software development kit (SDK) to allow the company’s “USB Over Ethernet” solution.
USB Via Ethernet allows users to share numerous USB devices over an Ethernet network, allowing them to connect to devices such as webcams on remote PCs around the world as if they were physically linked into their own computers.
Because of code-sharing between the server side and the end user apps, the weaknesses affect both clients – such as laptops and desktops using Amazon WorkSpaces software – and cloud-based machine instances that rely on services such as Amazon Nimble Studio AMI, which run in the Amazon cloud.
The weaknesses allow attackers to gain elevated access, allowing them to carry out a variety of nefarious operations, including crippling the security solutions that consumers rely on for protection.
According to SentinelOne senior security researcher Kasif Dekel, the vulnerabilities can be leveraged to “disable security products, overwrite system components, corrupt the operating system, or undertake malicious actions unchallenged.”
The cybersecurity firm hasn’t seen any of the vulnerabilities, which number in the dozens, being exploited in the wild.
The issues were disclosed to the appropriate vendors last quarter and have now been repaired. Amazon Nimble Studio AMI, Amazon NICE DCV, Amazon WorkSpaces, Amazon AppStream, NoMachine, Accops HyWorks, Accops HyWorks DVM Tools, Eltima USB Network Gate, Amzetta zPortal Windows zClient, Amzetta zPortal DVM Tools, FlexiHub, and Donglify are among the products that are affected.