CYBER NEWS

CVE-2020-9497: Severe Apache Guacamole Zero-Day Vulnerability Found

The Apache Guacamole remote desktop gateway has been found to contain zero-day vulnerabilities. The issues are described as Reverse RDP vulnerabilities, which allow criminals to take over sessions. They are now tracked in the CVE-2020-9497 advisory.




Zero-Day Vulnerabilities Found in Apache Guacamole Instances: CVE-2020-9497 Advisory Assigned

Apache Guacamole, one of the popular solutions for setting up a clientless remote desktop gateway, appears to be impacted by several critical zero-day vulnerabilities. The news came following the disclosure of the bugs and their identifiers. Guacamole is a tool used to create the connections needed for remote desktop sessions. It supports the standard protocols used by most client software, including VNC, RDP and SSH. By design, Guacamole is an HTML5 web application that needs to be deployed on a given machine, after which the server is accessible via a simple browser.


The security issues related to Guacamole fall into two categories. The CVE-2020-9497 advisory identifier is assigned to the security bugs. The two categories are the following:

  1. Zero-Day Critical Reverse RDP Vulnerabilities – This includes an information disclosure bug which sends out-of-bounds data to the connected clients instead of the servers. This allows hackers to capture the leaked data, which is sent via network packets. The other vulnerable part appears to be an audio channel that can be accessed by the criminals.
  2. FreeRDP Issues – It appears that the hackers have also found a way to make certain commands trigger a FreeRDP implementation weakness. The protocol weakness is categorized as memory corruption.

The CVE-2020-9498 advisory has also been assigned to the Apache Guacamole issues following the reports. After the issues were published and the developers notified, Apache released fixes that remedied the weakness. For this reason we urge all users to patch their installations to the latest available version. The official patched version that followed is labeled 1.2.0.

Martin Beltov

Martin graduated with a degree in Publishing from Sofia University. As a cyber security enthusiast he enjoys writing about the latest threats and mechanisms of intrusion.
