Original Post: AWS WorkSpaces Remote Code Execution [CVE-2021-38112]
This vulnerability was analyzed during Episode 85 on 27 September 2021
The AWS WorkSpaces desktop application registers a custom URI handler on the host system and does not properly sanitize the parameters it receives, leading to argument injection. Because the WorkSpaces client is based on the Chromium Embedded Framework, the debugging argument --gpu-launcher can be used to issue arbitrary commands.
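The argument-injection pattern described above, next to a hardened handler, as an added example that is not code from the WorkSpaces client or the original post. The URI scheme, parameter names, executable name and sample URIs are hypothetical and constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Hypothetical names for this example; none come from the WorkSpaces client.
SCHEME = "exampleapp"
CLIENT = "client.exe"
ALLOWED_PARAMS = {
    "code": re.compile(r"[A-Za-z0-9]{1,64}"),
    "region": re.compile(r"[a-z0-9][a-z0-9-]{0,31}"),
}

# Constructed sample URIs. The second smuggles a second switch behind %20.
BENIGN = "exampleapp://login?code=ABC123&region=eu-west-1"
INJECTED = "exampleapp://login?code=ABC123%20--gpu-launcher=PLACEHOLDER"


def naive_argv(uri):
    """Flawed pattern: decoded value pasted into a command-line string."""
    params = dict(parse_qsl(urlsplit(uri).query))
    cmdline = f"{CLIENT} --code={params.get('code', '')}"
    # Whitespace split stands in for the OS command-line parser (simplified).
    return cmdline.split()


def safe_argv(uri):
    """Hardened pattern: allowlist names and values, build argv as a list."""
    parts = urlsplit(uri)
    if parts.scheme != SCHEME:
        raise ValueError("unexpected scheme")
    argv, seen = [CLIENT], set()
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        pattern = ALLOWED_PARAMS.get(name)
        if pattern is None or name in seen or not pattern.fullmatch(value):
            raise ValueError(f"rejected parameter {name!r}")
        seen.add(name)
        # One argv element per parameter; the value can never start a new one.
        argv.append(f"--{name}={value}")
    return argv  # pass to subprocess.run(argv) without shell=True


if __name__ == "__main__":
    print("naive :", naive_argv(INJECTED))
    print("safe  :", safe_argv(BENIGN))
    try:
        safe_argv(INJECTED)
    except ValueError as exc:
        print("safe  : blocked,", exc)
```

The allowlist rejects the whole URI when any parameter is unknown, repeated or malformed, so an unexpected switch never reaches the launched process.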