Rewterz Threat Advisory –Multiple Apache Guacamole Vulnerabilities

Rewterz Threat Alert – STRRAT Malware – Active IOCs

June 7, 2023

Rewterz Threat Advisory – Multiple VMware Aria Operations for Networks Vulnerabilities

June 8, 2023

Rewterz Threat Advisory –Multiple Apache Guacamole Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2023-30576 CVSS:6.8

Apache Guacamole could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a use-after-free flaw in handling of RDP audio input buffer. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code with the privileges of the guacd process.

CVE-2023-30575 CVSS:6.5

Apache Guacamole could allow a remote authenticated attacker to bypass security restrictions, caused by an incorrect calculation of Guacamole protocol element lengths flaw. By sending a specially crafted data, an attacker could exploit this vulnerability to inject Guacamole instructions.

Impact

Code Execution
Security Bypass

Indicators Of Compromise

CVE

CVE-2023-30576
CVE-2023-30575

Affected Vendors

Apache

Affected Products

Apache Guacamole 0.9.10
Apache Guacamole 1.5.1

Remediation

Upgrade to the latest version of Apache Guacamole, available from the Apache Website.

Apache Website

Rewterz Threat Alert – STRRAT Malware – Active IOCs

Rewterz Threat Advisory – Multiple VMware Aria Operations for Networks Vulnerabilities

Rewterz Threat Advisory –Multiple Apache Guacamole Vulnerabilities

Severity

Analysis Summary

Impact

Indicators Of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan