CVE-2024-35164: CWE-129 Improper Validation of Array Index in Apache Software Foundation Apache Guacamole
The terminal emulator of Apache Guacamole 1.5.5 and older does not properly validate console codes received from servers via text-based protocols like SSH. If a malicious user has access to a text-based connection, a specially-crafted sequence of console codes could allow arbitrary code to be executed with the privileges of the running guacd process. Users are recommended to upgrade to version 1.6.0, which fixes this issue.
AI Analysis
Technical Summary
Apache Guacamole is a clientless remote desktop gateway that supports protocols such as SSH, RDP, and VNC. In versions 1.5.5 and earlier, the terminal emulator component fails to properly validate array indices when processing console codes received from servers via text-based protocols such as SSH. This improper validation (CWE-129) can be exploited by a malicious user who has access to a text-based connection to send specially crafted sequences of console codes. These sequences can cause out-of-bounds array access, leading to arbitrary code execution within the context of the guacd process, which typically runs with limited but significant privileges. The vulnerability does not require user interaction, but it does require network access to the vulnerable service and at least low privileges. The impact includes potential full compromise of the Guacamole server's confidentiality and integrity, allowing attackers to execute arbitrary commands, pivot within the network, or exfiltrate sensitive data. The vulnerability was assigned CVE-2024-35164 and has a CVSS 3.1 base score of 6.8, reflecting medium severity due to the high attack complexity and the low privileges required. No known exploits are currently reported in the wild. The Apache Software Foundation fixed this issue in Guacamole version 1.6.0 by improving validation of console codes to prevent out-of-bounds access.
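As an added illustration of the CWE-129 pattern this advisory describes, and not code from Guacamole or guacd: a console-code parameter parser that stores the numeric parameters of a CSI sequence in a fixed-size table and uses one of them as a palette index only after a range check. The table size, palette size, sequence format and function names are assumptions for the example.

```c
#include <limits.h>
#include <stdint.h>

#define MAX_PARAMS 16     /* assumed size of the emulator's parameter table */
#define PALETTE_SIZE 256  /* assumed size of a colour palette indexed by a code argument */

/* Parse the numeric parameters of a CSI sequence body, e.g. "38;5;196" from
 * ESC [ 38;5;196 m (constructed format). Returns the number of parameters
 * stored in params, or -1 if the body is malformed or would overflow the
 * fixed-size table. The n >= MAX_PARAMS check is the CWE-129 guard: the
 * write index into params is validated before every store. */
int parse_csi_params(const char *body, int params[MAX_PARAMS]) {
    int n = 0, cur = 0, have_digit = 0;
    for (const char *p = body; ; p++) {
        if (*p >= '0' && *p <= '9') {
            if (cur > (INT_MAX - 9) / 10)
                return -1;                      /* reject values that would overflow int */
            cur = cur * 10 + (*p - '0');
            have_digit = 1;
        } else if (*p == ';' || *p == '\0') {
            if (n >= MAX_PARAMS)
                return -1;                      /* too many parameters: refuse rather than write past the table */
            params[n++] = have_digit ? cur : 0; /* an empty parameter defaults to 0, as terminals do */
            cur = 0;
            have_digit = 0;
            if (*p == '\0')
                break;
        } else {
            return -1;                          /* non-numeric byte inside the parameter list */
        }
    }
    return n;
}

/* Use the first parsed parameter as an index into palette. Returns 0 and
 * writes the entry to *out, or -1 when the index is out of range; an
 * unchecked palette[params[0]] is exactly the out-of-bounds access CWE-129 names. */
int select_palette_entry(const int *params, int nparams,
                         const uint32_t palette[PALETTE_SIZE], uint32_t *out) {
    if (nparams < 1)
        return -1;
    int idx = params[0];
    if (idx < 0 || idx >= PALETTE_SIZE)
        return -1;
    *out = palette[idx];
    return 0;
}
```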
Potential Impact
For European organizations, this vulnerability poses a significant risk to the security of remote access infrastructure. Apache Guacamole is widely used in enterprise environments for secure remote desktop and terminal access without client-side software installation. Exploitation could lead to unauthorized code execution on the Guacamole server, compromising sensitive internal systems and data. This is particularly critical for sectors such as finance, healthcare, government, and critical infrastructure where remote access solutions are prevalent. The ability to execute arbitrary code could allow attackers to move laterally within networks, escalate privileges, or disrupt operations. Given the medium severity and absence of known exploits, the immediate risk is moderate but could increase if exploit code becomes available. Organizations relying on Guacamole for remote access should consider this vulnerability a priority for patching to maintain confidentiality and integrity of their systems.
Mitigation Recommendations
The primary mitigation is to upgrade Apache Guacamole to version 1.6.0 or later, where the vulnerability is fixed. Until an upgrade is possible, organizations should restrict network access to the guacd service to trusted hosts only, ideally via firewall rules or VPN segmentation. Implement strict access controls and monitor logs for unusual or malformed terminal input that could indicate exploitation attempts. Employ network intrusion detection systems (NIDS) with signatures for anomalous SSH or terminal traffic patterns. Additionally, run guacd with the least privileges necessary and consider containerizing or sandboxing the service to limit the impact of a potential compromise. Regularly audit and update remote access infrastructure components and educate administrators about this vulnerability to ensure a timely response.
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Italy, Spain
Technical Details
- Data Version: 5.2
- Assigner Short Name: apache
- Date Reserved: 2024-05-10T07:46:23.307Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 690a6f039e609817bf702c3d
Added to database: 11/4/2025, 9:24:19 PM
Last enriched: 11/4/2025, 9:38:52 PM
Last updated: 11/5/2025, 4:20:47 AM