July 8, 2020
This advisory provides information about the Apache Guacamole (HTML5 Access) vulnerabilities highlighted in CVE-2020-9498 and CVE-2020-9497. If an end user connects to a malicious or compromised RDP server, a series of specially-crafted PDUs could result in memory corruption or result in disclosure of information within the memory of the guard process handling the connection.
Multiple vulnerabilities in Citrix Application Delivery Control (ADC) Gateways. 4 of the vulnerabilities concerned are exploitable by an unauthenticated, remote attacker. Admins should patch their Citrix Application Delivery Controllers immediately
The following new features are available in Mobile Security for Enterprise 9.8 SP4: 1) Updated the policy page in Trend Micro Apex Central. 2)Upgraded Mobile Security for Enterprise built-in PHP version from 5.4.38 to 7.0.33. 3) Fixed some known bugs and vulnerabilities
The bugs lie within a configuration tool known as the Traffic Management User Interface. Successful exploitation allows an attacker to create or delete files, disable services, intercept information, run arbitrary system commands and Java code, completely compromise the system, and pursue further targets, such as the internal network.
Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
Microsoft has discovered flaws residing in the Windows Codecs Library, an easy attack vector to social engineer victims into running malicious media files downloaded from the Internet. Codecs is a collection of support libraries that help the Windows operating system to play, compress and decompress various audio and video file extensions.