CVE-2025-13524

Summary

Improper resource release in the call termination process in AWS Wickr before version 6.62.13 on Windows, macOS and Linux may allow a call participant to continue receiving audio input from another user after they close their call window. This issue occurs under certain conditions, which require the affected user to take a particular action within the application

To mitigate this issue, users should upgrade AWS Wickr, Wickr Gov and Wickr Enterprise desktop version to version 6.62.13.

Affected Software

VendorProductVersion RangeStatus
AWSWickr6.62.13unaffected
AWSWickr Gov6.62.13unaffected
AWSWickr Enterprise6.62.13unaffected

Weaknesses

  • CWE-404: CWE-404 Improper Resource Shutdown or Release

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References