Security Bulletin – AWS Client VPN - CVE-2024-30164, CVE-2024-30165
- Partho Garg
Dear Valued Customer,
Rego is dedicated to protecting and securing your data stored in Clarity, hosted by Rego on Amazon Web Services.
Please be advised that AWS has recommended all customers using AWS Client VPN to upgrade their VPN client to version 3.11.1 or higher for Windows, 3.9.2 or higher for MacOS, and 3.12.1 or higher for Linux. This upgrade addresses the issues related to CVE-2024-30164 and CVE-2024-30165 in AWS Client VPN for all platforms.
What are CVE-2024-30164 and CVE-2024-30165 vulnerabilities?
These vulnerabilities could potentially allow an actor with access to an end user's device to escalate to root privilege and execute arbitrary commands on that device.
More information available at Issue with AWS Client VPN - CVE-2024-30164, CVE-2024-30165 .
The newer versions of AWS client VPN can be downloaded using the link, AWS Client VPN Download | Amazon Web Services
If you have any questions or concerns, please do not hesitate to contact our Rego SaaS support team at SaaSSupportTeam@regoconsulting.com.
Thank you for your understanding and cooperation as we work to improve our services.
Sincerely,
Rego SaaS Support Team