CVE-2026-5485: CWE-78 Improper neutralization of special elements used in an OS command ('OS command injection') in Amazon Athena ODBC driver
OS command injection in the browser-based authentication component in Amazon Athena ODBC driver before 2.0.5.1 on Linux might allow a threat actor to execute arbitrary code by using specially crafted connection parameters that are loaded by the driver during a local user-initiated connection. To remediate this issue, users should upgrade to version 2.0.5.1 or later.
AI Analysis
Technical Summary
The Amazon Athena ODBC driver for Linux prior to version 2.0.5.1 contains an OS command injection vulnerability (CWE-78) in its browser-based authentication component. This vulnerability arises from improper neutralization of special elements in OS commands, which can be triggered by specially crafted connection parameters loaded during a local user-initiated connection. Successful exploitation could allow arbitrary code execution with the privileges of the user running the driver. The vulnerability carries a CVSS 3.1 base score of 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H). The vendor advisory recommends upgrading to version 2.0.5.1 or later to address this issue.
Potential Impact
Exploitation of this vulnerability could lead to arbitrary code execution on the affected system with the privileges of the local user initiating the connection. This impacts confidentiality, integrity, and availability of the system. There are no reports of known exploits in the wild at this time.
Mitigation Recommendations
Users should upgrade the Amazon Athena ODBC driver to version 2.0.5.1 or later, as recommended by the vendor advisory. This update addresses the OS command injection vulnerability. No additional mitigation steps are specified or required according to the vendor advisory.
Technical Details
- Data Version: 5.2
- Assigner Short Name: AMZN
- Date Reserved: 2026-04-03T13:43:38.696Z
- CVSS Version: 3.1
- State: PUBLISHED
- Remediation Level: null
- Vendor Advisory URLs: https://aws.amazon.com/security/security-bulletins/2026-013-aws/ (AWS)
Threat ID: 69d023670a160ebd92577b3e
Added to database: 4/3/2026, 8:30:31 PM
Last enriched: 4/3/2026, 8:45:26 PM
Last updated: 4/4/2026, 12:43:51 AM