Security News > 2020 > July > Apache Guacamole Vulnerabilities Facilitate Attacks on Enterprises

Apache Guacamole Vulnerabilities Facilitate Attacks on Enterprises
2020-07-03 12:27

Remote code execution and information disclosure vulnerabilities addressed in Apache Guacamole can be highly useful to threat actors targeting enterprises, Check Point security researchers warn.

An open-source remote desktop gateway, Apache Guacamole is an HTML5 web application that can be used on a broad range of devices, straight from the web browser.

Based on the previous discovery of vulnerabilities in FreeRDP, the security researchers identified two issues in Apache Guacamole iterations that do not implement the available patches for FreeRDP. They also devised an attack that could essentially provide remote code execution capabilities.

"Using Apache Guacamole as our example target, we were able to successfully demonstrate how a compromised computer inside the organization can be used to take control of the gateway that handles all of the remote sessions into the network. Once in control of the gateway, an attacker can eavesdrop on all incoming sessions, record all the credentials used, and even start new sessions to control the rest of the computers within the organization," Check Point notes.

The vulnerabilities were reported to Apache on March 31, silent patches were pushed in early May, and final patches were released on June 28, in Guacamole version 1.2.0.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/mppTRHpndDQ/apache-guacamole-vulnerabilities-facilitate-attacks-enterprises

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Apache 281 13 544 711 366 1634