CVE-2020-9497: A Severe Apache Guacamole 0-Day Vulnerability Discovered

A zero-day vulnerability has been discovered in the Apache Guacamole remote desktop gateway. According to the researchers, the issues are Reverse RDP vulnerabilities that help criminals take over sessions, and they are now tracked in the CVE-2020-9497 advisory.

Apache Guacamole, a popular solution that lets users set up a clientless remote desktop gateway, is reportedly affected by several zero-day vulnerabilities. The news came to light after the bugs and their identifiers were disclosed. The tool is used to establish remote desktop connections, and it supports almost all standard protocols used by client applications, including VNC, RDP, and SSH. By design, Guacamole is an HTML5 web application that is deployed on the targeted machine, and the server is then accessible through a normal browser.

According to the experts, the Guacamole issues fall into two types, discussed below:

  1. Zero-day critical reverse RDP vulnerabilities: This includes an information disclosure bug that sends data out to connected clients instead of to servers. Taking advantage of this, criminals can capture the leaked data that the vulnerabilities disclose through network packets. Another vulnerable component is the audio channel, which hackers can also access.
  2. FreeRDP vulnerabilities: The hackers have discovered a way to issue commands that lead to a weakness in the FreeRDP implementation; this vulnerability is classified as memory corruption.

Another advisory, CVE-2020-9498, has also been assigned and covers Apache Guacamole issues. Once the issues were made public and the developers became aware of them, Apache released fixes to resolve the vulnerabilities. Users who rely on this solution for remote connections are therefore advised to install the latest available version, which is labeled 1.2.0.