Argument Injection in AWS WorkSpaces Desktop Client URI Handler

We discussed this vulnerability during Episode 85 on 27 September 2021

The AWS WorkSpaces desktop application registers a custom URI on the host system and does not properly sanitize the parameters leading to argument injection. As the WorkSpaces client is based on Chromium Embeded Framework the debugging argument --gpu-launcher can be used to issue arbitrary commands.