Rewterz Threat Alert – Taurus Stealer
July 6, 2020Rewterz Threat Advisory – CVE-2020-7284 – McAfee Network Security Management command execution
July 7, 2020Rewterz Threat Alert – Taurus Stealer
July 6, 2020Rewterz Threat Advisory – CVE-2020-7284 – McAfee Network Security Management command execution
July 7, 2020Severity
High
Analysis Summary
Apache Guacamole could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption flaw when handling pointers involved in processing data received via RDP static virtual channels. By sending specially-crafted PDUs, an attacker could exploit this vulnerability to execute arbitrary code in the context of the running guacd process.
Impact
Gain Access
Affected Vendors
Apache
Affected Products
Apache Guacamole 1.1.0
Remediation
Upgrade to the latest version of Apache Guacamole (1.2.0 or later).