Summary: A critical security vulnerability has been disclosed in AWS Amplify Studio’s UI generation framework, with researchers releasing a proof-of-concept exploit demonstrating remote code execution capabilities.
| Field | Value |
| --- | --- |
| OEM | AWS |
| Severity | Critical |
| CVSS Score | 9.5 |
| CVEs | CVE-2025-4318 |
| POC Available | Yes |
| Actively Exploited | No |
| Exploited in Wild | No |
| Advisory Version | 1.0 |
Overview
A critical vulnerability has been discovered in AWS Amplify Studio’s UI generation tool, @aws-amplify/codegen-ui, which allows Remote Code Execution (RCE) during build or render time.
Tracked as CVE-2025-4318, this flaw originates from unsafe evaluation of user-defined JavaScript expressions without proper input validation or sandboxing.
It has been assigned a CVSS score of 9.5. Exploitation could lead to unauthorized command execution, leakage of AWS secrets, or full compromise of CI/CD environments. AWS addressed the issue in version 2.20.3, replacing the unsafe eval() with a sandboxed expression evaluator.
| Vulnerability Name | CVE ID | Product Affected | Severity | Fixed Version |
| --- | --- | --- | --- | --- |
| Unsafe Expression Evaluation in Codegen-UI | CVE-2025-4318 | @aws-amplify/codegen-ui | Critical | 2.20.3 |
Technical Summary
The vulnerability stems from how AWS Amplify Studio processed dynamic expressions defined in component fields (e.g. label, placeholder).
In affected versions, these expressions were directly evaluated using eval() without any filtering or validation, assuming they were safe.
This behavior enabled attackers to inject malicious code into UI schemas that would execute during the build or runtime process, which is particularly dangerous in CI/CD pipelines where secrets and environment variables are accessible.
A working Proof-of-Concept (PoC) has been developed and shared by researchers, which simulates the exploit using a crafted JSON component, a Node.js script and a Python server. The PoC demonstrates successful RCE via malicious input evaluated by the vulnerable tool.
| CVE ID | System Affected | Vulnerability Details | Impact |
| --- | --- | --- | --- |
| CVE-2025-4318 | AWS Amplify Studio (<=2.20.2) | Vulnerable versions used eval() to interpret stringified JavaScript expressions in UI components. This allowed injection of malicious expressions such as shell commands, due to the absence of validation or blacklisting. | RCE, exposure of secrets, CI/CD compromise, unauthorized system control |
Remediation:
Upgrade Immediately: Update @aws-amplify/codegen-ui to version 2.20.3 or later, which replaces unsafe evaluation logic with a sandboxed function (safeEval) and a keyword blacklist.
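As an added example (not code from @aws-amplify/codegen-ui or from the researchers' PoC), the snippet below contrasts the eval() pattern described in the Technical Summary with a replacement that accepts only string literals and field paths, and adds the schema audit that the remediation advice calls for. The allowlist is a stricter technique than the keyword blacklist the fix describes, since a blacklist has to anticipate every dangerous token; the field names come from the advisory, and the component shape and sample values are assumptions.

```javascript
// Added example, not code from @aws-amplify/codegen-ui: the eval() pattern the
// advisory describes beside an allowlist evaluator and a schema audit helper.
// The component shape and field contents below are constructed for illustration.
const DYNAMIC_FIELDS = ["label", "placeholder"]; // fields the advisory names

// Vulnerable pattern (kept only for contrast): the schema string is executed
// with the build process's privileges and can reach its environment.
function renderUnsafe(expr, data) {
  return eval(expr); // `data` is in scope, but so is everything else
}

// Hardened replacement: an expression is either a quoted string literal or a
// dotted property path into `data`; nothing else is interpreted.
const LITERAL = /^(['"])(.*)\1$/s;
const PATH = /^[A-Za-z_$][\w$]*(?:\.[A-Za-z_$][\w$]*)*$/;

function renderSafe(expr, data) {
  const lit = LITERAL.exec(expr);
  if (lit) return lit[2];
  if (!PATH.test(expr)) throw new Error(`rejected expression: ${expr}`);
  return expr.split(".").reduce((obj, key) => {
    // Own enumerable properties only: blocks __proto__ and constructor walks.
    if (obj == null || !Object.prototype.propertyIsEnumerable.call(obj, key)) {
      throw new Error(`unknown field: ${key}`);
    }
    return obj[key];
  }, data);
}

// Audit helper for existing schemas: lists every dynamic field whose value the
// hardened evaluator would reject, so it can be reviewed before upgrading.
function auditSchema(components) {
  const findings = [];
  for (const component of components) {
    for (const field of DYNAMIC_FIELDS) {
      const value = component[field];
      if (typeof value !== "string") continue;
      if (!LITERAL.test(value) && !PATH.test(value)) {
        findings.push({ component: component.name, field, value });
      }
    }
  }
  return findings;
}
// Constructed sample: one benign component and one whose label is code.
const SAMPLE = [
  { name: "NameInput", label: "'Your name'", placeholder: "user.displayName" },
  { name: "Footer", label: "new Date().toLocaleDateString()" },
];
```

Running auditSchema(SAMPLE) reports only the Footer label, which is exactly the kind of value that should never reach an evaluator in a build step.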
Conclusion:
CVE-2025-4318 is a severe RCE vulnerability in AWS Amplify Studio caused by unsafe evaluation of JavaScript expressions during UI component rendering or generation.
A fully functional PoC exploit has been published, which clearly demonstrates the risk of using eval() in dynamic application code without input validation.
The fixed version mitigates this risk by introducing a sandboxed evaluation mechanism and filtering dangerous keywords. Organizations using Amplify Studio should upgrade immediately and audit all inputs and build processes for safety.
AWS security teams have advised developers to immediately upgrade to version 2.20.3 or later and audit all existing component schemas for potentially unsafe expressions.
The incident highlights the critical importance of implementing secure coding practices in low-code development platforms where user input directly influences code generation and execution processes.