Call audio termination issue in AWS Wickr desktop clients

Bulletin ID: AWS-2025-029 Scope: AWS Content Type: Important (requires attention) Publication Date: 2025/11/21 12:15 PM PDT Description: AWS Wickr is an end-to-end encrypted service that helps organizations communicate securely through messaging, voice and video calling, file sharing, and screen sharing. We identified CVE-2025-13524, which describes an issue in the Wickr calling service. Under certain conditions, which require the affected user to take a particular action within the application, the user’s audio stream remains open after they close their call window. This could result in audio from the affected user’s device continuing to stream unexpectedly to other call participants until those users drop the call, the affected user joins another call, or the affected user terminates their application. Impacted versions: AWS Wickr, Wickr Gov and Wickr Enterprise desktop (Windows, Mac and Linux) versions prior to 6.62.13.