Security Advisory

CVE-2026-7791

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-05-04 22:07:35

Last updated 2026-05-06 03:56:05

Assigner AMZN

State PUBLISHED

Description

Improper privilege management in the log rotation mechanism of the Skylight Workspace Config Service in Amazon WorkSpaces for Windows before 2.6.2034.0 allows a local non-admin authenticated user to place arbitrary files into arbitrary locations bypassing file system permission protections, leading to local privilege escalation to SYSTEM.

← Browse all CVEs View on cve.org ↗