CERT-In Vulnerability Note
CIVN-2020-0267
Multiple vulnerabilities in Apache Guacamole
Original Issue Date: July 09, 2020
Severity Rating: HIGH
Software Affected
- Apache Guacamole 1.1.0 and older
Overview
Multiple vulnerabilities have been reported in Apache Guacamole which could allow an attacker controlling a malicious or compromised RDP server to execute arbitrary code, cause memory corruption, or disclose information from the targeted guacd process.
Description
1. Improper input validation of RDP static virtual channels (CVE-2020-9497)
This vulnerability exists due to improper validation of data received from RDP servers via static virtual channels. If a user connects to a malicious or compromised RDP server, specially-crafted PDUs could result in disclosure of information within the memory of the guacd process handling the connection. Successful exploitation of this vulnerability could allow an attacker to access sensitive information on the targeted system.
2. Dangling pointer in RDP static virtual channel handling (CVE-2020-9498)
This vulnerability exists due to mishandling of pointers involved in processing data received via RDP static virtual channels. If a user connects to a malicious or compromised RDP server, a series of specially-crafted PDUs could result in memory corruption, possibly allowing arbitrary code to be executed with the privileges of the running guacd process. Successful exploitation of this vulnerability could therefore allow an attacker to cause memory corruption and execute arbitrary code with the privileges of the running guacd process.
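The defect class behind CVE-2020-9497 is a receiver that trusts a length carried in a PDU from the RDP server. As an added illustration (not Apache Guacamole's code, and using a constructed 4-byte length header rather than the real channel format), the parser below checks the declared payload length against the bytes actually received and against the destination buffer before copying, so a short or oversized chunk is rejected instead of driving a read past the buffer.

```c
/* Constructed example of length-validated parsing for a static virtual
 * channel chunk. Layout assumed here: 4-byte little-endian payload length
 * followed by the payload. This is not Guacamole's or FreeRDP's code. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define SVC_HDR_LEN     4u     /* constructed: size of the length header */
#define SVC_MAX_PAYLOAD 1024u  /* constructed: capacity of the receive buffer */

enum svc_status { SVC_OK = 0, SVC_ERR_SHORT = 1, SVC_ERR_TOO_LONG = 2 };

struct svc_chunk {
    uint32_t length;                   /* validated payload length */
    uint8_t  payload[SVC_MAX_PAYLOAD]; /* copy of the validated payload */
};

/* Parse one chunk from the n bytes at data into out. The declared length
 * is never trusted on its own: it is bounded by the receive buffer and by
 * the number of bytes the peer actually sent. */
enum svc_status svc_parse_chunk(const uint8_t *data, size_t n,
                                struct svc_chunk *out)
{
    if (data == NULL || out == NULL || n < SVC_HDR_LEN)
        return SVC_ERR_SHORT;            /* header itself is incomplete */

    uint32_t declared = (uint32_t)data[0]
                      | ((uint32_t)data[1] << 8)
                      | ((uint32_t)data[2] << 16)
                      | ((uint32_t)data[3] << 24);

    if (declared > SVC_MAX_PAYLOAD)
        return SVC_ERR_TOO_LONG;         /* would overrun the destination */
    if (declared > n - SVC_HDR_LEN)
        return SVC_ERR_SHORT;            /* peer claims more than it sent */

    out->length = declared;
    memcpy(out->payload, data + SVC_HDR_LEN, declared);
    return SVC_OK;
}

/* Stand-alone self-check: a chunk that claims 16 bytes but carries 2 must
 * be refused, otherwise the copy would read beyond the received data. */
int svc_selfcheck(void)
{
    const uint8_t lying[] = { 0x10, 0, 0, 0, 'a', 'b' };
    struct svc_chunk c;
    return svc_parse_chunk(lying, sizeof lying, &c) == SVC_ERR_SHORT;
}

int main(void) { return svc_selfcheck() ? 0 : 1; }
```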
Solution
Apply the appropriate patches as described by Apache Guacamole.
Vendor Information
Apache Guacamole
https://guacamole.apache.org/security/
References
CheckPoint Research
https://research.checkpoint.com/2020/apache-guacamole-rce/
CVE Name
CVE-2020-9497
CVE-2020-9498
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information
Email: info@cert-in.org.in Phone: +91-11-24368572
Postal address
Indian Computer Emergency Response Team (CERT-In) Ministry of Electronics and Information Technology Government of India Electronics Niketan 6, CGO Complex, Lodhi Road, New Delhi - 110 003 India