Vulnerability Details CVE-2020-9498
Apache Guacamole 1.1.0 and older may mishandle pointers involved inprocessing data received via RDP static virtual channels. If a userconnects to a malicious or compromised RDP server, a series ofspecially-crafted PDUs could result in memory corruption, possiblyallowing arbitrary code to be executed with the privileges of therunning guacd process.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 30.0%
CVSS Severity
CVSS v3 Score 6.7
CVSS v2 Score 6.2
References
- https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44525
- https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7%40%3Cannounce.apache.org%3E
- https://lists.apache.org/thread.html/r26fb170edebff842c74aacdb1333c1338f0e19e5ec7854d72e4680fc%40%3Cannounce.apache.org%3E
- https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922%40%3Cannounce.apache.org%3E
- https://lists.apache.org/thread.html/rff824b38ebd2fddc726b816f0e509696b83b9f78979d0cd021ca623b%40%3Cannounce.guacamole.apache.org%3E
- https://lists.debian.org/debian-lts-announce/2020/11/msg00010.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TVV5K2X4EXSAVUUL7IJ3MUJ3ADWMVSBM/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WNS7UHBOFV6JHWH5XOEZTE3BREGRSSQ3/
- https://research.checkpoint.com/2020/apache-guacamole-rce/
- https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44525
- https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7%40%3Cannounce.apache.org%3E
- https://lists.apache.org/thread.html/r26fb170edebff842c74aacdb1333c1338f0e19e5ec7854d72e4680fc%40%3Cannounce.apache.org%3E
- https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922%40%3Cannounce.apache.org%3E
- https://lists.apache.org/thread.html/rff824b38ebd2fddc726b816f0e509696b83b9f78979d0cd021ca623b%40%3Cannounce.guacamole.apache.org%3E
- https://lists.debian.org/debian-lts-announce/2020/11/msg00010.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TVV5K2X4EXSAVUUL7IJ3MUJ3ADWMVSBM/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WNS7UHBOFV6JHWH5XOEZTE3BREGRSSQ3/
- https://research.checkpoint.com/2020/apache-guacamole-rce/
Products affected by CVE-2020-9498
-
cpe:2.3:a:apache:guacamole:0.3.0
-
cpe:2.3:a:apache:guacamole:0.4.0
-
cpe:2.3:a:apache:guacamole:0.5.0
-
cpe:2.3:a:apache:guacamole:0.6.0
-
cpe:2.3:a:apache:guacamole:0.6.1
-
cpe:2.3:a:apache:guacamole:0.6.2
-
cpe:2.3:a:apache:guacamole:0.6.3
-
cpe:2.3:a:apache:guacamole:0.7.0
-
cpe:2.3:a:apache:guacamole:0.7.1
-
cpe:2.3:a:apache:guacamole:0.7.2
-
cpe:2.3:a:apache:guacamole:0.7.3
-
cpe:2.3:a:apache:guacamole:0.7.4
-
cpe:2.3:a:apache:guacamole:0.8.0
-
cpe:2.3:a:apache:guacamole:0.8.2
-
cpe:2.3:a:apache:guacamole:0.8.3
-
cpe:2.3:a:apache:guacamole:0.8.4
-
cpe:2.3:a:apache:guacamole:0.9.0
-
cpe:2.3:a:apache:guacamole:0.9.1
-
cpe:2.3:a:apache:guacamole:0.9.10
-
cpe:2.3:a:apache:guacamole:0.9.10-incubating
-
cpe:2.3:a:apache:guacamole:0.9.11
-
cpe:2.3:a:apache:guacamole:0.9.11-incubating
-
cpe:2.3:a:apache:guacamole:0.9.12
-
cpe:2.3:a:apache:guacamole:0.9.12-incubating
-
cpe:2.3:a:apache:guacamole:0.9.13
-
cpe:2.3:a:apache:guacamole:0.9.13-incubating
-
cpe:2.3:a:apache:guacamole:0.9.14
-
cpe:2.3:a:apache:guacamole:0.9.2
-
cpe:2.3:a:apache:guacamole:0.9.3
-
cpe:2.3:a:apache:guacamole:0.9.4
-
cpe:2.3:a:apache:guacamole:0.9.5
-
cpe:2.3:a:apache:guacamole:0.9.6
-
cpe:2.3:a:apache:guacamole:0.9.7
-
cpe:2.3:a:apache:guacamole:0.9.8
-
cpe:2.3:a:apache:guacamole:0.9.9
-
cpe:2.3:a:apache:guacamole:1.0.0
-
cpe:2.3:a:apache:guacamole:1.1.0
-
cpe:2.3:o:debian:debian_linux:9.0
-
cpe:2.3:o:fedoraproject:fedora:32
-
cpe:2.3:o:fedoraproject:fedora:33