CVE‑2026‑7791: Local Privilege Escalation in Amazon WorkSpaces Skylight Agent – What It Means for Your Business and How to Respond
Introduction
CVE‑2026‑7791 is a high‑severity vulnerability affecting Amazon WorkSpaces for Windows tenants that use the Skylight Workspace Config Service and have not opted into “Local Administrator Setting” on their directory. For organizations in the United States and Canada that host virtual desktops or cloud workstations on AWS, this bug can enable an attacker to escalate from a standard user account to full SYSTEM‑level control on a WorkSpaces instance. This post explains why this CVE matters to your business, what real‑world risks it creates, how to determine if you are exposed, and how to coordinate patching and controls with your security team.
S1 — Background & History
CVE‑2026‑7791 was disclosed in early May 2026 as part of Amazon’s security bulletins for AWS services. It affects Amazon WorkSpaces for Windows when running earlier versions of the Windows Amazon Skylight Workspace Config Service (slwsconfigservice), specifically versions before 2.6.2034.0. The vulnerability was identified internally by AWS and published as a local privilege‑escalation issue with a CVSS 3.1 base score of 7.8, classified as “High” severity.
The core issue stems from improper privilege management in the Skylight Workspace Config Service’s log‑rotation mechanism, where a race condition allows a local non‑administrator user to place arbitrary files into privileged locations on the system. This flaw effectively bypasses normal file‑system permission checks and can be exploited to achieve SYSTEM‑level privileges on the affected WorkSpaces instance. AWS released an updated build of the Skylight Workspace Config Service (2.6.2034.0 or later) that resolves the race condition and recommends customers update or reboot affected WorkSpaces as soon as possible.
S2 — What This Means for Your Business
For your business, CVE‑2026‑7791 is not a remote “internet‑facing” flaw, but it still poses a serious risk if attackers first gain access to a standard user account on a WorkSpaces instance. In regulated industries such as finance, healthcare, or government contracting—common across the U.S. and Canadian markets—this vulnerability can undermine compliance expectations for access control, least privilege, and data protection. A successful exploit can allow an attacker to modify or delete critical configuration files, install persistent malware, or exfiltrate sensitive data stored on the WorkSpaces image.
From an operational standpoint, a compromised WorkSpaces instance can disrupt end‑user productivity, require time‑consuming incident response and forensic analysis, and increase the cost of remediation well beyond the simple patching window. Reputational risk also rises if attackers use elevated WorkSpaces accounts to pivot into on‑premises corporate networks or cloud workloads, especially when customer data or protected financial information is involved. Because patching requires updating or rebooting the WorkSpaces instance, business leaders must coordinate with IT and security teams to minimize disruption while containing the exposure window.
S3 — Real‑World Examples
Remote‑First Financial Services Firm:
A regional bank in Canada uses Amazon WorkSpaces to provide secure virtual desktops for its back‑office operations and risk‑analysis teams. If an attacker gains access to a standard user account through a phishing campaign or weak password, they can exploit CVE‑2026‑7791 to escalate to SYSTEM and tamper with application configurations or scheduled batch jobs, potentially causing data‑processing errors or delayed reporting.
Healthcare Provider with Shared Workstations:
A U.S. healthcare organization hosts clinical and administrative staff on shared WorkSpaces images to support remote medical billing and telehealth coordination. An attacker who compromises a single user’s session could leverage this vulnerability to plant credential‑harvesting tools or alter audit‑log behavior, increasing the likelihood of undetected access to protected health information and potential HIPAA‑related findings during an audit.
Technology Company Using Dev Workspaces:
A North American software firm provisions Amazon WorkSpaces for its development and QA teams, often with elevated tooling and access to internal repositories. If a developer’s WorkSpaces session is hijacked, an attacker could escalate privileges and install code‑signing tools or backdoors within the environment, creating a pathway to sabotage builds or steal proprietary application source code.
Legal and Professional Services Practice:
A mid‑size law or consulting firm in the U.S. uses WorkSpaces for document review and case‑management systems. A successful local privilege escalation could allow an attacker to modify saved documents, bypass local access controls, or stage data‑exfiltration agents that run with elevated rights, potentially leading to leaks of confidential client information and regulatory scrutiny.
S4 — Am I Affected?
You are likely affected by CVE‑2026‑7791 if any of the following conditions apply to your environment:
- You are using Amazon WorkSpaces for Windows instances that rely on the Skylight Workspace Config Service (slwsconfigservice) and have not opted into the “Local Administrator Setting” on your directory.
- Your WorkSpaces images are running an earlier version of the Skylight Workspace Config Service than 2.6.2034.0.
- Your WorkSpaces instances are shared or used by multiple employees without strict session isolation or host‑based privilege‑management controls.
- You have not recently rebuilt or rebooted your WorkSpaces images after AWS released the updated Skylight Workspace Config Service.
If your environment matches any of these conditions, treat this vulnerability as active exposure and plan prioritized remediation alongside your AWS operations and security teams.
OUTRO
Key Takeaways
- CVE‑2026‑7791 is a high‑severity local privilege‑escalation flaw in Amazon WorkSpaces for Windows that can allow standard users to gain SYSTEM‑level control on affected instances.
- U.S. and Canadian organizations using WorkSpaces for finance, healthcare, legal, or development work face meaningful operational, compliance, and reputational risk if this vulnerability is left unpatched.
- The vulnerability is tied to the Skylight Workspace Config Service before version 2.6.2034.0 and requires attackers to first obtain a local, non‑administrator account on the WorkSpaces instance.
- Patching via the updated Skylight Workspace Config Service and, where possible, rebooting affected WorkSpaces instances is the primary mitigation AWS recommends.
- Businesses should combine patching with tighter access controls, session monitoring, and privilege‑management practices to reduce the likelihood that an initial compromise can escalate into a full‑system breach.
Call to Action
If your organization relies on Amazon WorkSpaces for critical business operations, you should validate which WorkSpaces images are affected by CVE‑2026‑7791 and confirm that your fleet is updated to the latest Skylight Workspace Config Service version. To strengthen your overall posture beyond this single CVE, IntegSec offers targeted penetration testing and cybersecurity‑risk‑reduction engagements that simulate how an attacker would move from a standard user account to system‑level control in your environment. Contact IntegSec today (https://integsec.com) to schedule a pentest that validates your patching, privilege‑management, and detection controls for AWS‑hosted workspaces.
TECHNICAL APPENDIX
A — Technical Analysis
CVE‑2026‑7791 is classified as improper privilege management in the log‑rotation mechanism of the Windows Amazon Skylight Workspace Config Service (slwsconfigservice) in Amazon WorkSpaces for Windows. The root cause is a time‑of‑check‑to‑time‑of‑use (TOCTOU) race condition in the service’s handling of log‑file archival, where a local non‑administrator user can influence the timing of file operations to bypass expected file‑system permissions.
The affected component is the Skylight Workspace Config Service before version 2.6.2034.0 on Windows WorkSpaces instances that do not have the “Local Administrator Setting” enabled on their directory. An attacker with a local, non‑administrative account can exploit this race condition to place arbitrary files into arbitrary locations on the file system, including directories normally reserved for SYSTEM‑level processes. This leads to local privilege escalation to SYSTEM, enabling full control over the WorkSpaces instance, including modification of configuration files, installation of persistently loaded binaries, and execution of arbitrary code with elevated privileges.
In CVSS 3.1 terms, the vector is AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H with a base score of 7.8 (High), indicating a local attack vector, low attack complexity, low privileges required, no user interaction, unchanged scope, and high impact on confidentiality, integrity, and availability. The NVD entry maps this issue to CWE‑276 (Incorrect Privilege Assignment) and CWE‑362 (Concurrent Execution Using Shared Resource with Improper Synchronization, i.e., race conditions).
B — Detection & Verification
To determine whether a given WorkSpaces instance is technically affected, operators should enumerate the version of the Skylight Workspace Config Service installed on each Windows WorkSpaces image. On a Windows WorkSpaces host, administrators can query the installed version of slwsconfigservice via the Programs and Features list or by reading the file version properties of the service binary (typically under Program Files\Amazon\WorkSpaces\Skylight). Automation tools such as AWS Systems Manager Run Command or configuration‑management frameworks can be used to issue version‑check scripts across multiple WorkSpaces instances and flag any version earlier than 2.6.2034.0.
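The fleet‑wide version check described above reduces to one step that is easy to get wrong: deciding whether a reported version string is older than 2.6.2034.0. The following Python is an added example, not code from AWS or from this post, that triages a constructed inventory of per‑WorkSpace version strings (assumed to be gathered by a per‑host version‑check script, for instance via SSM Run Command, that prints the file version of the slwsconfigservice binary or a marker when it cannot be read). The WorkSpace IDs and version values are made up. It compares versions component by component rather than as strings, pads short versions so `2.6.2034` equals `2.6.2034.0`, and puts unparseable entries into a separate UNKNOWN bucket for manual review instead of silently treating them as patched.

```python
import re
from typing import Optional, Tuple

# Minimum fixed build of the Skylight Workspace Config Service named in the AWS bulletin.
FIXED_VERSION = "2.6.2034.0"

# Constructed sample inventory, one "<workspace-id> <reported version>" line per host.
# The IDs and versions are made up; the lines are assumed to be collected by a per-host
# version-check script (e.g. run through SSM Run Command) that prints the file version of
# the slwsconfigservice binary, or a marker such as "not-installed" when it cannot.
SAMPLE_INVENTORY = """\
ws-example01 2.6.2034.0
ws-example02 2.6.1998.0
ws-example03 2.6.999.0
ws-example04 2.7.10.0
ws-example05 not-installed
ws-example06 2.6.2034
"""

Version = Tuple[int, ...]


def parse_version(text: str) -> Optional[Version]:
    """Turn a dotted numeric version into a tuple of ints; None if it is not one."""
    text = text.strip()
    if not re.fullmatch(r"\d+(?:\.\d+)*", text):
        return None
    return tuple(int(part) for part in text.split("."))


def version_lt(a: Version, b: Version) -> bool:
    """Numeric, component-wise comparison. Shorter tuples are right-padded with zeros
    so that 2.6.2034 compares equal to 2.6.2034.0. A plain string comparison would be
    wrong here: "2.6.999.0" sorts *after* "2.6.2034.0" lexically."""
    width = max(len(a), len(b))
    return a + (0,) * (width - len(a)) < b + (0,) * (width - len(b))


def classify(version_text: str) -> str:
    """VULNERABLE if older than the fixed build, PATCHED if at or above it, UNKNOWN if the
    reported value is not a version (service missing, script failed): review by hand."""
    reported = parse_version(version_text)
    if reported is None:
        return "UNKNOWN"
    fixed = parse_version(FIXED_VERSION)
    return "VULNERABLE" if version_lt(reported, fixed) else "PATCHED"


def triage_inventory(inventory: str) -> dict:
    """Map each WorkSpace ID in the inventory text to its classification."""
    results = {}
    for line in inventory.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        ws_id, _, version_text = line.partition(" ")
        results[ws_id] = classify(version_text)
    return results


def vulnerable_hosts(inventory: str) -> list:
    """IDs that need priority remediation (including unknowns), sorted for stable reporting."""
    return sorted(ws for ws, state in triage_inventory(inventory).items()
                  if state in ("VULNERABLE", "UNKNOWN"))


if __name__ == "__main__":
    for ws_id, state in triage_inventory(SAMPLE_INVENTORY).items():
        print(f"{ws_id:14} {state}")
```

Feed the real inventory text to `triage_inventory` and tag everything returned by `vulnerable_hosts` as critical‑risk; the UNKNOWN entries usually turn out to be hosts where the collection script never ran, which is itself worth knowing.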
Security scanners that incorporate the AWS security bulletin or CVE‑2026‑7791‑specific signatures can identify vulnerable WorkSpaces instances by inspecting the Skylight Workspace Config Service version remotely or via agent‑based checks. From a log‑based detection perspective, defenders should monitor for anomalous file‑creation or file‑modification events in system‑protected directories, particularly around the Skylight‑related log and configuration directories, coming from non‑SYSTEM user contexts. Behavioral anomalies such as unexpected process creation from privileged paths, unusual file‑ownership changes on system files, or abnormal restart patterns of the Skylight Workspace Config Service may indicate exploitation attempts. Network‑level indicators are limited because the vulnerability is local, but associated post‑exploitation activity (such as beaconing to external command‑and‑control servers) may appear in network telemetry or endpoint‑detection tools.
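The log‑based heuristic above (file‑system writes into protected directories from a non‑SYSTEM user context) can be prototyped over a handful of events before it is turned into an EDR or SIEM rule. The Python below is an added example, not code from AWS, from this post, or from any EDR product. It runs the heuristic over a constructed list of normalised file events whose field names (`ts`, `host`, `subject`, `op`, `path`) are an assumption, with the protected‑directory prefixes taken from the “typically under” location given above plus `C:\Windows\System32`. Paths are compared by component so that case, slash direction, and look‑alike directory names (such as `System32Backup`) do not produce false matches or misses.

```python
from pathlib import PureWindowsPath

# Directories treated as protected on a Windows WorkSpace. These prefixes are an
# assumption for this example (the Skylight path follows the "typically under" location
# named in the text); tune them to your image layout.
PROTECTED_PREFIXES = [
    r"C:\Windows\System32",
    r"C:\Program Files\Amazon\WorkSpaces\Skylight",
]

# Security principals expected to write into those directories (compared case-insensitively).
PRIVILEGED_ACCOUNTS = {
    r"nt authority\system",
    r"nt authority\local service",
    r"nt authority\network service",
}

# Operations that change the file system; plain reads are ignored by this heuristic.
WRITE_OPS = {"create", "write", "rename", "delete", "setacl"}

# Constructed sample telemetry in a simplified, normalised schema. Hosts, users,
# timestamps and paths are made up; the field names are not those of any real EDR.
SAMPLE_EVENTS = [
    {"ts": "2026-05-12T09:00:01Z", "host": "ws-example01", "subject": r"NT AUTHORITY\SYSTEM",
     "op": "create", "path": r"C:\Program Files\Amazon\WorkSpaces\Skylight\logs\service.log.1"},
    {"ts": "2026-05-12T09:00:07Z", "host": "ws-example01", "subject": r"CORP\jdoe",
     "op": "create", "path": r"C:\Program Files\Amazon\WorkSpaces\Skylight\logs\service.log.1"},
    {"ts": "2026-05-12T09:00:09Z", "host": "ws-example01", "subject": r"CORP\jdoe",
     "op": "write", "path": r"C:\Users\jdoe\Documents\notes.txt"},
    {"ts": "2026-05-12T09:00:15Z", "host": "ws-example01", "subject": r"CORP\jdoe",
     "op": "read", "path": r"C:\Windows\System32\kernel32.dll"},
    {"ts": "2026-05-12T09:00:21Z", "host": "ws-example02", "subject": r"corp\asmith",
     "op": "create", "path": "c:/windows/system32/drivers/update.sys"},
    {"ts": "2026-05-12T09:00:30Z", "host": "ws-example02", "subject": r"CORP\asmith",
     "op": "create", "path": r"C:\Windows\System32Backup\scratch.tmp"},
]


def _parts(path: str) -> tuple:
    """Split a Windows path into lower-cased components; accepts either slash style."""
    return tuple(p.lower() for p in PureWindowsPath(path).parts)


_PROTECTED_PARTS = [_parts(p) for p in PROTECTED_PREFIXES]


def is_protected(path: str) -> bool:
    """True if the path lies under a protected prefix. Matching whole components
    (not raw string prefixes) means 'System32Backup' does not match 'System32'."""
    parts = _parts(path)
    return any(parts[:len(prefix)] == prefix for prefix in _PROTECTED_PARTS)


def is_privileged(subject: str) -> bool:
    """True for the service accounts that legitimately write to protected directories."""
    return subject.lower() in PRIVILEGED_ACCOUNTS


def find_suspicious(events: list) -> list:
    """Return write-type events into protected directories by non-privileged subjects."""
    hits = []
    for event in events:
        if event.get("op", "").lower() not in WRITE_OPS:
            continue
        if is_privileged(event.get("subject", "")):
            continue
        if is_protected(event.get("path", "")):
            hits.append(event)
    return hits


def summarize_by_host(hits: list) -> dict:
    """Count flagged events per host so the noisiest WorkSpaces surface first."""
    counts = {}
    for event in hits:
        counts[event["host"]] = counts.get(event["host"], 0) + 1
    return counts


if __name__ == "__main__":
    for event in find_suspicious(SAMPLE_EVENTS):
        print(f"{event['ts']} {event['host']} {event['subject']} {event['op']} {event['path']}")
    print(summarize_by_host(find_suspicious(SAMPLE_EVENTS)))
```

On the sample data the rule fires twice: the standard user writing into the Skylight log directory and the lower‑case, forward‑slash write into `System32\drivers`, while the SYSTEM write, the user’s own Documents write, the read of `kernel32.dll`, and the `System32Backup` write stay quiet. In production, a SYSTEM‑context write is not automatically benign either, since the whole point of this bug is to make the service do the writing; correlate these hits with Skylight service restarts and unexpected process launches from the same paths.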
C — Mitigation & Remediation
1. Immediate (0–24 hours)
- Identify all Amazon WorkSpaces for Windows instances that are not using version 2.6.2034.0 or later of the Skylight Workspace Config Service and tag them as critical‑risk assets.
- Where possible, schedule immediate reboots of affected WorkSpaces during the next maintenance window to trigger the self‑service update mechanism AWS provides for the Skylight Workspace Config Service.
- Enforce temporary restrictions on non‑essential user accounts on vulnerable WorkSpaces, such as disabling shared or guest accounts and limiting interactive logins to only those users whose work absolutely requires access.
2. Short‑term (1–7 days)
- Apply the official AWS patch by updating the Skylight Workspace Config Service to 2.6.2034.0 or later across all Windows WorkSpaces instances, either through automated reboots or via AWS‑provided update workflows.
- Re‑image or rebuild any WorkSpaces instances that fail to update cleanly and where behavioral anomalies suggest potential compromise.
- Augment host‑based protections by enabling or tuning endpoint‑detection‑and‑response (EDR) rules to detect and alert on file‑system changes to critical directories and suspicious service‑related processes on WorkSpaces hosts.
3. Long‑term (ongoing)
- Maintain a defined patching cadence for Amazon WorkSpaces base images and ensure that new WorkSpaces are provisioned from patched, hardened templates.
- Enable and enforce least‑privilege access to all WorkSpaces instances, including the use of role‑based profiles and temporary‑privilege mechanisms instead of long‑lived elevated accounts.
- Implement continuous monitoring of WorkSpaces instances for abnormal file‑system activity, service‑configuration changes, and unexpected privilege‑escalation events, integrating logs into a centralized SIEM or security analytics platform.
- For environments that cannot patch immediately—such as legacy WorkSpaces required for specific, long‑running applications—interim mitigations include network segmentation, strict outbound proxying, disabling unnecessary local accounts, and enforcing multi‑factor authentication for all WorkSpaces logins. AWS also recommends avoiding the use of shared or highly privileged accounts on WorkSpaces where possible, since this reduces the payoff for an attacker who successfully exploits CVE‑2026‑7791.
D — Best Practices
- Enforce strict least‑privilege and role‑based access on all WorkSpaces instances so that no user has elevated rights beyond what is absolutely required for their tasks.
- Implement routine patching and image‑rebuild cycles for your Amazon WorkSpaces fleet to close known privilege‑management and race‑condition vulnerabilities as quickly as new builds are released.
- Enable centralized monitoring and alerting for anomalous file‑system and service‑configuration changes on WorkSpaces hosts, especially in protected system directories.
- Restrict or disable shared or guest accounts on WorkSpaces, and require multi‑factor authentication for all interactive logins to increase the difficulty of initial account compromise.
- Conduct periodic penetration tests focused on local privilege‑escalation scenarios in AWS‑hosted environments to validate that your access controls and detection mechanisms can stop or contain this class of attack.