ID:3061 - Exploit for Access of Uninitialized Pointer in Guacamole - CVE-2020-9498

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Exploits ID:3061 - Exploit for Access of Uninitialized Pointer in Guacamole - CVE-2020-9498

ID:3061 - Exploit for Access of Uninitialized Pointer in Guacamole - CVE-2020-9498

Published: July 6, 2020


Vulnerability identifier: #VU29482
Vulnerability risk: High
CVE-ID: CVE-2020-9498
CWE-ID: CWE-824
Exploitation vector: Remote access
Vulnerable software:
Guacamole

Link to public exploit:


Vulnerability description

The vulnerability allows a remote attacker to execute arbitrary code on the system.

The vulnerability exists due to the affected software mishandles pointers involved in processing data received via RDP static virtual channels. A remote attacker can use a specially crafted PDUs and execute arbitrary code on the target system.


Remediation

Install updates from vendor's website.