#VU120184 Spoofing attack in AWS SDK for PHP - CVE-2025-14761

 


Published: December 18, 2025


Vulnerability identifier: #VU120184
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2025-14761
CWE-ID: CWE-451
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vulnerable software:
AWS SDK for PHP
Software vendor:
Amazon Web Services

Description

The vulnerability allows a remote attacker to perform a spoofing attack.

The vulnerability exists because a single ciphertext can be decrypted into two different plaintexts by using different encryption keys. A remote user with permission to upload a new instruction file to the S3 bucket, replacing the existing instruction file, can create a rogue encrypted data key (EDK) and force the application to use it in any future attempt to decrypt the underlying encrypted message with the S3 Encryption Client (S3EC).
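
A check a bucket owner could run for the instruction-file replacement described above, as an added example (not from the advisory or from AWS). It assumes instruction files use the `.instruction` key suffix and that the input has the shape of S3 ListObjectVersions entries; the sample records and the 60-second tolerance are constructed.

```python
from datetime import datetime, timedelta

SUFFIX = ".instruction"            # assumption: S3EC instruction-file key suffix
TOLERANCE = timedelta(seconds=60)  # assumption: slack between the paired uploads

# Constructed records in the shape of S3 ListObjectVersions entries.
SAMPLE_VERSIONS = [
    {"Key": "reports/q1.bin", "LastModified": "2025-03-01T10:00:00+00:00"},
    {"Key": "reports/q1.bin.instruction", "LastModified": "2025-03-01T10:00:01+00:00"},
    {"Key": "reports/q2.bin", "LastModified": "2025-03-02T09:00:00+00:00"},
    {"Key": "reports/q2.bin.instruction", "LastModified": "2025-03-02T09:00:01+00:00"},
    {"Key": "reports/q2.bin.instruction", "LastModified": "2025-11-20T14:30:00+00:00"},
    {"Key": "tmp/x.bin.instruction", "LastModified": "2025-06-05T08:00:00+00:00"},
]


def find_suspect_instruction_files(versions, suffix=SUFFIX, tolerance=TOLERANCE):
    """Return (key, reason) pairs for instruction files that need review."""
    stamps = {}
    for v in versions:  # group every version's timestamp under its key
        stamps.setdefault(v["Key"], []).append(datetime.fromisoformat(v["LastModified"]))
    findings = []
    for key in sorted(stamps):
        if not key.endswith(suffix):
            continue
        obj = stamps.get(key[: -len(suffix)])  # the encrypted object it describes
        if obj is None:
            findings.append((key, "orphan"))
        elif max(stamps[key]) - max(obj) > tolerance:
            # Instruction file written well after the ciphertext it belongs to.
            findings.append((key, "rewritten_after_object"))
        elif len(stamps[key]) > len(obj):
            # Same time window, but more instruction-file versions than objects.
            findings.append((key, "extra_versions"))
    return findings


if __name__ == "__main__":
    for key, reason in find_suspect_instruction_files(SAMPLE_VERSIONS):
        print(f"{reason:24} {key}")
```

A legitimate re-encryption or key rotation also rewrites the instruction file, so each finding is a lead to compare against who holds write permission on the bucket, not proof of tampering.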


Remediation

Install updates from the vendor's website.

External links