CyberNews Briefs

Apache Guacamole Vulnerabilities Facilitate Attacks on Enterprises

According to researchers at Check Point security, remote code execution and information disclosure vulnerabilities in Apache Guacamole, an HTML5 web application, can pose a significant threat to users. Researchers found that the flaws can be leveraged by threat actors targeting enterprises. Apache Guacamole is used on a broad range of devices and is one of the most prominent remote access tools available.

However, Check Point researchers have discovered vulnerabilities that can be exploited through a compromised machine and take over the gateway to control communications. The two critical vulnerabilities, CVE-2020-9497 and CVE-2020-9498 are information disclosure and use-after-free issues respectively. Check Point researchers have created an attack using the two bugs that provides remote code execution capabilities.

Read More: Apache Guacamole Vulnerabilities Facilitate Attacks on Enterprises

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.