AWS patches critical studio flaws

AWS disclosed and patched three critical vulnerabilities in its Research and Engineering Studio that could let authenticated users execute root commands or escalate privileges. The disclosure underscores that internal orchestration and developer platforms are high‑value targets for attackers and need hardened defaults and least‑privilege controls. (cybersecuritynews.com)

Amazon Web Services just patched bugs in a product that acts like a front desk for cloud research labs, and one of them could turn a session name into root-level command execution on a virtual desktop host. The product is Research and Engineering Studio, an open-source web portal Amazon Web Services launched in November 2023 for scientists and engineers to spin up desktops and tools in the cloud. (aws.amazon.com 1) (aws.amazon.com 2)

Research and Engineering Studio is meant to hide cloud complexity behind a browser window, so a user clicks into a virtual desktop instead of hand-building servers, storage, and permissions. Amazon Web Services says the portal is designed for research and engineering teams that need collaboration with minimal administrative overhead. (docs.aws.amazon.com) (aws.amazon.com)

That convenience means the portal sits in front of powerful machinery: virtual desktop hosts, cluster-manager Amazon Elastic Compute Cloud instances, and Amazon Web Services identity roles. If the portal trusts the wrong input, a normal user can end up steering the back-end systems that are supposed to stay out of reach. (docs.aws.amazon.com) (aws.amazon.com)

The first flaw, tracked as CVE-2026-5707 in the Common Vulnerabilities and Exposures catalog, was in how Research and Engineering Studio handled a virtual desktop session name. Amazon Web Services said versions 2025.03 through 2025.12.01 could let an authenticated remote user send a crafted session name that executes arbitrary commands as root on the virtual desktop host. (aws.amazon.com) (nist.gov) In plain English, the bug treated a label as part of a command line instead of as plain text, which is like letting someone type their own instructions into a name-tag printer and having the printer obey them. The National Vulnerability Database lists Amazon's score for that flaw at 8.8 out of 10 under Common Vulnerability Scoring System version 3.1. (nist.gov)

The second flaw, CVE-2026-5708, was in session creation. Amazon Web Services said versions before 2026.03 could let an authenticated user send a crafted application programming interface request that escalates privileges and assumes the Virtual Desktop Host instance profile. (aws.amazon.com) An instance profile is the badge a cloud server uses to open other Amazon Web Services doors, so stealing that badge can turn one compromised desktop into access to storage, databases, or other services the host is allowed to touch. Amazon Web Services described the risk as interaction with other Amazon Web Services resources and services through those inherited permissions. (aws.amazon.com)

The third flaw, CVE-2026-5709, was in the FileBrowser application programming interface. Amazon Web Services said versions 2024.10 through 2025.12.01 could let an authenticated remote user execute arbitrary commands on the cluster-manager Amazon Elastic Compute Cloud instance through crafted FileBrowser input. (aws.amazon.com)

Amazon Web Services fixed all three issues in Research and Engineering Studio version 2026.03, and the March 2026 revision notes spell out the same three repairs in different words: session-name injection, external instance profile use during session creation, and a FileBrowser privilege problem. For customers who cannot upgrade immediately, Amazon Web Services also published mitigation patches for older 2025.12 and 2025.12.01 environments. (docs.aws.amazon.com) (aws.amazon.com) (github.com 1) (github.com 2)

The detail worth noticing is that every bug required an authenticated user, not an anonymous internet scan. That makes products like Research and Engineering Studio especially sensitive, because they are built to give many legitimate users a smooth path into very privileged systems. (aws.amazon.com)

This is why cloud security failures so often show up in orchestration layers instead of the raw servers underneath them. A portal that creates sessions, passes names, and attaches roles is effectively a control tower, and a mistake in the control tower can redirect everything it manages. (docs.aws.amazon.com) (aws.amazon.com)

Amazon Web Services is telling customers to upgrade to the latest version and to patch any forked or derivative code, which matters because Research and Engineering Studio is open source and can be modified after download. In other words, the fix is available, but anyone running a customized copy still has to carry the patch into their own environment. (aws.amazon.com) (github.com)
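The session-name bug class described above (a label spliced into a command line) is illustrated below as an added example, not code from Research and Engineering Studio or from Amazon Web Services: an unsafe command builder beside a hardened one, plus a check a defender could run over request logs. The `launch_desktop` tool, the allow-list, the log format and the sample log lines are all constructed for the illustration.

```python
"""Added illustration of the session-name injection class; hypothetical names throughout."""
import re
import subprocess

# Constructed allow-list for a human-readable label: letters, digits, space, dot, dash, underscore.
SESSION_NAME_RE = re.compile(r"[A-Za-z0-9][A-Za-z0-9 ._-]{0,62}")
# Characters a POSIX shell treats specially; their presence in a label is a warning sign.
SHELL_META = set(";|&$`<>()\\\"'\n")


def build_launch_command_unsafe(session_name: str) -> str:
    """Vulnerable pattern: the label is spliced into one shell string, so anything
    the shell treats specially inside it becomes part of the command line."""
    return f"launch_desktop --session {session_name}"


def is_valid_session_name(session_name: str) -> bool:
    """True only if the whole label matches the allow-list."""
    return SESSION_NAME_RE.fullmatch(session_name) is not None


def build_launch_command_safe(session_name: str) -> list[str]:
    """Hardened pattern: validate first, then return an argv list. With no shell
    involved, the label is always exactly one argument, whatever it contains."""
    if not is_valid_session_name(session_name):
        raise ValueError("session name contains characters outside the allow-list")
    return ["launch_desktop", "--session", session_name]


def launch(session_name: str, runner=subprocess.run):
    """Run the hardened command with shell=False; 'runner' is injectable for offline use."""
    return runner(build_launch_command_safe(session_name), shell=False, check=True)


def flag_suspicious_session_names(log_lines: list[str]) -> list[str]:
    """Detection: return session names from request logs that carry shell
    metacharacters, a candidate alert while a vulnerable version is still deployed."""
    flagged = []
    for line in log_lines:
        match = re.search(r'session_name="([^"]*)"', line)
        if match and (set(match.group(1)) & SHELL_META):
            flagged.append(match.group(1))
    return flagged


# Constructed sample request-log lines in a hypothetical format.
SAMPLE_LOGS = [
    'POST /sessions user=alice session_name="GPU analysis 3"',
    'POST /sessions user=bob session_name="alpha;beta"',
]
```

The unsafe builder and the log check together show the same point from two sides: the label either never reaches a shell, or it is at least visible in telemetry when it carries shell syntax.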


Shared from Scout - Be the smartest in the room.