Summary: A critical security vulnerability has been disclosed in AWS Amplify Studio’s UI generation framework, with researchers releasing a proof-of-concept exploit demonstrating remote code execution capabilities.

OEM	AWS
Severity	Critical
CVSS Score	9.5
CVEs	CVE-2025-4318
POC Available	Yes
Actively Exploited	No
Exploited in Wild	No
Advisory Version	1.0

Overview 

A critical vulnerability has been discovered in AWS Amplify Studio’s UI generation tool, @aws-amplify/codegen-ui, which allows Remote Code Execution (RCE) during build or render time.

Tracked as CVE-2025-4318, this flaw originates from unsafe evaluation of user-defined JavaScript expressions without proper input validation or sandboxing.

It has been assigned a CVSS score of 9.5. Exploitation could lead to unauthorized command execution, leakage of AWS secrets, or full compromise of CI/CD environments. AWS addressed the issue in version 2.20.3, replacing the unsafe eval() with a sandboxed expression evaluator. 

Vulnerability Name	CVE ID	Product Affected	Severity	Fixed Version
​Unsafe Expression Evaluation in Codegen-UI	CVE-2025-4318	@aws-amplify/codegen-ui	Critical	2.20.3

Technical Summary 

The vulnerability stems from how AWS Amplify Studio processed dynamic expressions defined in component fields (eg: label, placeholder).

In affected versions, these expressions were directly evaluated using eval() without any filtering or validation, assuming they were safe.

This behavior enabled attackers to inject malicious code into UI schemas that would execute during the build or runtime process particularly dangerous in CI/CD pipelines where secrets and environment variables are accessible. 

A working Proof-of-Concept (PoC) has been developed and shared by researchers, which simulates the exploit using a crafted JSON component, a Node.js script and a Python server. The PoC demonstrates successful RCE via malicious input evaluated by the vulnerable tool. 

CVE ID	System Affected	Vulnerability Details	Impact
CVE-2025-4318	AWS Amplify Studio (<=2.20.2)	Vulnerable versions used eval() to interpret stringified JavaScript expressions in UI components. This allowed injection of malicious expressions such as shell commands, due to the absence of validation or blacklisting.	RCE, exposure of secrets, CI/CD compromise, unauthorized system control

Remediation: 

Upgrade Immediately: Update @aws-amplify/codegen-ui to version 2.20.3 or later, which replaces unsafe evaluation logic with a sandboxed function (safeEval) and a keyword blacklist. 

Conclusion: 
CVE-2025-4318 is a severe RCE vulnerability in AWS Amplify Studio caused by unsafe evaluation of JavaScript expressions during UI component rendering or generation.

A fully functional PoC exploit has been published, which clearly demonstrates the risk of using eval() in dynamic application code without input validation. 

The fixed version mitigates this risk by introducing a sandboxed evaluation mechanism and filtering dangerous keywords. Organizations using Amplify Studio should upgrade immediately and audit all inputs and build processes for safety. 

AWS security teams have advised developers to immediately upgrade to version 2.20.3 or later and audit all existing component schemas for potentially unsafe expressions.

The incident highlights the critical importance of implementing secure coding practices in low-code development platforms where user input directly influences code generation and execution processes.

References: 

• https://securityonline.info/cve-2025-4318-cvss-9-5-aws-amplify-rce-flaw-exposed-with-poc-ci-cd-pipelines-at-risk/  

• https://blog.securelayer7.net/cve-2025-4318-aws-amplify-rce/#Developing-a-Proof-of-Concept-Exploit 

• https://github.com/aws-amplify/amplify-codegen-ui/releases/tag/v2.20.3