Rewterz Threat Alert – STRRAT Malware – Active IOCs
June 7, 2023Rewterz Threat Advisory – Multiple VMware Aria Operations for Networks Vulnerabilities
June 8, 2023Rewterz Threat Alert – STRRAT Malware – Active IOCs
June 7, 2023Rewterz Threat Advisory – Multiple VMware Aria Operations for Networks Vulnerabilities
June 8, 2023Severity
Medium
Analysis Summary
CVE-2023-30576 CVSS:6.8
Apache Guacamole could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a use-after-free flaw in handling of RDP audio input buffer. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code with the privileges of the guacd process.
CVE-2023-30575 CVSS:6.5
Apache Guacamole could allow a remote authenticated attacker to bypass security restrictions, caused by an incorrect calculation of Guacamole protocol element lengths flaw. By sending a specially crafted data, an attacker could exploit this vulnerability to inject Guacamole instructions.
Impact
- Code Execution
- Security Bypass
Indicators Of Compromise
CVE
- CVE-2023-30576
- CVE-2023-30575
Affected Vendors
Apache
Affected Products
- Apache Guacamole 0.9.10
- Apache Guacamole 1.5.1
Remediation
Upgrade to the latest version of Apache Guacamole, available from the Apache Website.