Skip to main content

Public advisory of scammers impersonating CSA and the SPF

Stay vigilant. Read the public advisory

Cyber Security Agency of Singapore
  1. Home
  2. Alerts & Advisories
  3. Alerts
  4. Vulnerabilities in Apache Guacamole (CVE-2020-9497 and CVE-2020-9498)
Alerts

Vulnerabilities in Apache Guacamole (CVE-2020-9497 and CVE-2020-9498)

4 July 2020

Apache has released security updates to address two vulnerabilities (CVE-2020-9497 and CVE-2020-9498) in Apache Guacamole, a clientless remote desktop gateway.

Successful exploitation of the vulnerabilities could allow attackers on the same network to intercept traffic and take control of all sessions that are connected, allowing attackers to execute arbitrary code remotely.

The vulnerabilities affect Apache Guacamole versions 1.1.0 and older.

Administrators and users of the affected versions are advised to update their application immediately.

More information is available at:
https://guacamole.apache.org/security/
https://research.checkpoint.com/2020/apache-guacamole-rce/

Back to top