Home

Description

Improper resource release in the call termination process in AWS Wickr before version 6.62.13 on Windows, macOS and Linux may allow a call participant to continue receiving audio input from another user after they close their call window. This issue occurs under certain conditions, which require the affected user to take a particular action within the application To mitigate this issue, users should upgrade AWS Wickr, Wickr Gov and Wickr Enterprise desktop version to version 6.62.13.

PUBLISHED Reserved 2025-11-21 | Published 2025-11-21 | Updated 2025-11-21 | Assigner AMZN




MEDIUM: 5.7CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

MEDIUM: 6.8CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Problem types

CWE-404 Improper Resource Shutdown or Release

Product status

Default status
unaffected

6.62.13
unaffected

Default status
unaffected

6.62.13
unaffected

Default status
unaffected

6.62.13
unaffected

References

aws.amazon.com/security/security-bulletins/AWS-2025-029/ vendor-advisory

docs.aws.amazon.com/...guide/clients-release-notes-6.62.html release-notes

cve.org (CVE-2025-13524)

nvd.nist.gov (CVE-2025-13524)

Download JSON