HomeUpdateWhat! Millions of users from different companies affected by an attack

What! Millions of users from different companies affected by an attack


Last Updated on 10/12/2021 by Nidhi Khandelwal

The issues affect Amazon WorkSpaces and other cloud services that employ USB over Ethernet, and might allow attackers to disable security and get kernel-level privileges.

Researchers discovered a number of high-security flaws in a library produced by network virtualization company Eltima, exposing approximately a dozen cloud services used by millions of people around the world to privilege-escalation attacks.

What! Millions of users from different companies affected by an attack 1

This includes, among others, Amazon WorkSpaces, Accops, and NoMachine: all programmes that use the Eltima software development kit (SDK) to allow the company’s “USB Over Ethernet” solution.

 USB Via Ethernet allows users to share numerous USB devices over an Ethernet network, allowing them to connect to devices such as webcams on remote PCs around the world as if they were physically linked into their own computers.

Because of code-sharing between the server side and the end user apps, the weaknesses affect both clients – such as laptops and desktops using Amazon WorkSpaces software – and cloud-based machine instances that rely on services such as Amazon Nimble Studio AMI, which run in the Amazon cloud.

The weaknesses allow attackers to gain elevated access, allowing them to carry out a variety of nefarious operations, including crippling the security solutions that consumers rely on for protection.

 According to SentinelOne senior security researcher Kasif Dekel, the vulnerabilities can be leveraged to “disable security products, overwrite system components, corrupt the operating system, or undertake malicious actions unchallenged.”

What! Millions of users from different companies affected by an attack 2

The cybersecurity firm hasn’t seen any of the vulnerabilities, which number in the dozens, being exploited in the wild.

The issues were disclosed to the appropriate vendors last quarter and have now been repaired. 

Amazon Nimble Studio AMI, Amazon NICE DCV, Amazon WorkSpaces, Amazon AppStream, NoMachine, Accops HyWorks, Accops HyWorks DVM Tools, Eltima USB Network Gate, Amzetta zPortal Windows zClient, Amzetta zPortal DVM Tools, FlexiHub, and Donglify are among the products that are affected.

Nidhi Khandelwal
Nidhi Khandelwal
Nidhi is a tech news/research contributor at TheDigitalHacker. She publishes about techno geopolitics, privacy, and data breach.
- Advertisment -

Must Read

RAT (Remote Access Trojan) Developer arrested for building malware that affected...

Law enforcement authorities have arrested a remote access trojan (RAT) developer for infecting around 10,000 computers with malware. The suspect, who has not been...