Citrix

Pierluigi Paganini May 10, 2024
Citrix warns customers to update PuTTY version installed on their XenCenter system manually

Citrix urges customers to manually address a PuTTY SSH client flaw that could allow attackers to steal a XenCenter admin’s private SSH key. Versions of XenCenter for Citrix Hypervisor 8.2 CU1 LTSR used PuTTY, a third-party component, for SSH connections to guest VMs. However, PuTTY inclusion was deprecated with XenCenter version 8.2.6, and any versions […]

Pierluigi Paganini January 18, 2024
CISA adds Chrome and Citrix NetScaler to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Chrome and Citrix flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. This week Citrix warned customers to install security updates to address two actively exploited zero-day vulnerabilities, tracked as CVE-2023-6548 and CVE-2023-6549, […]

Pierluigi Paganini January 17, 2024
Citrix warns admins to immediately patch NetScaler for actively exploited zero-days

Citrix fixed two actively exploited zero-day vulnerabilities impacting Netscaler ADC and Gateway appliances. Citrix warns customers to install security updates to address two actively exploited zero-day vulnerabilities, tracked as CVE-2023-6548 and CVE-2023-6549, impacting Netscaler ADC and Gateway appliances. “Exploits of these CVEs on unmitigated appliances have been observed. Cloud Software Group strongly urges affected customers […]

Pierluigi Paganini December 19, 2023
Comcast’s Xfinity customer data exposed after CitrixBleed attack

Comcast’s Xfinity discloses a data breach after a cyber attack hit the company by exploiting the CitrixBleed vulnerability. Comcast’s Xfinity is notifying its customers about the compromise of their data in a cyberattack that involved the exploitation of the CitrixBleed flaw. CitrixBleed is a critical vulnerability, tracked as CVE-2023-4966, in Citrix NetScaler ADC (Application Delivery […]

Pierluigi Paganini October 18, 2023
Threat actors have been exploiting CVE-2023-4966 in Citrix NetScaler ADC/Gateway devices since August

Experts reported that the vulnerability CVE-2023-4966 in Citrix NetScaler ADC/Gateway devices has been exploited in attacks since late August. On October 10, Citrix published a security bulletin related to a critical vulnerability, tracked as CVE-2023-4966, in Citrix NetScaler ADC/Gateway devices. “Exploits of CVE-2023-4966 on unmitigated appliances have been observed.” reported Citrix. “Cloud Software Group strongly urges customers of […]

Pierluigi Paganini August 02, 2023
Hackers already installed web shells on 581 Citrix servers in CVE-2023-3519 attacks

Researchers warn that hundreds of Citrix servers have been hacked in an ongoing campaign exploiting the RCE CVE-2023-3519. Security researchers from the non-profit organization Shadowserver Foundation reported that hundreds of Citrix Netscaler ADC and Gateway servers have already been compromised as part of an ongoing campaign exploiting the critical remote code execution (RCE) vulnerability CVE-2023-3519. […]

Pierluigi Paganini July 31, 2023
Experts warn attackers started exploiting Citrix ShareFile RCE flaw CVE-2023-24489

Researchers warn that threat actors started exploiting Citrix ShareFile RCE vulnerability CVE-2023-24489 in the wild. Citrix ShareFile is a widely used cloud-based file-sharing application, which is affected by the critical remote code execution (RCE) tracked as CVE-2023-24489 (CVSS score of 9.1). The flaw impacts the customer-managed ShareFile storage zones controller, an unauthenticated, remote attacker can […]

Pierluigi Paganini July 23, 2023
Shadowserver reported that +15K Citrix servers are likely vulnerable to attacks exploiting the flaw CVE-2023-3519

Researchers reported that more than 15000 Citrix servers exposed online are likely vulnerable to attacks exploiting the vulnerability CVE-2023-3519. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) this week warned of cyber attacks against Citrix NetScaler Application Delivery Controller (ADC) and Gateway devices exploiting recently discovered zero-day CVE-2023-3519. The Agency states that threat actors targeted a NetScaler […]

Pierluigi Paganini July 19, 2023
Citrix warns of actively exploited zero-day in ADC and Gateway

Citrix is warning customers of an actively exploited critical vulnerability in NetScaler Application Delivery Controller (ADC) and Gateway. Citrix is warning customers of a critical vulnerability, tracked as CVE-2023-3519 (CVSS score: 9.8), in NetScaler Application Delivery Controller (ADC) and Gateway that is being actively exploited in the wild. The vulnerability, tracked as CVE-2023-3519 (CVSS score: 9.8), is a code injection that […]

Pierluigi Paganini July 12, 2023
Citrix fixed a critical flaw in Secure Access Client for Ubuntu

Citrix fixed a critical flaw affecting the Secure Access client for Ubuntu that could be exploited to achieve remote code execution. Citrix addressed a critical vulnerability, tracked as CVE-2023-24492 (CVSS score of 9.6), affecting the Secure Access client for Ubuntu that could be exploited to achieve remote code execution. An attacker can trigger the vulnerability […]