Use-after-free in Guacamole

#VU86014 Use-after-free in Guacamole

Published: 2024-02-01

Vulnerability identifier: #VU86014

Vulnerability risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-30576

CWE-ID: CWE-416

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Guacamole
Server applications / Remote management servers, RDP, SSH

Vendor: Apache Foundation

Description

The vulnerability allows a remote user to compromise vulnerable system.

The vulnerability exists due to a use-after-free error when handling RDP audio input buffer. A remote user can trigger a use-after-free error and execute arbitrary code on the system.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Guacamole: 0.9.10 - 1.5.1

External links
http://lists.apache.org/thread/vgtvxb3w7mm84hx6v8dfc0onsoz05gb6

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Apache Guacamole