
FYI: Someone's scanning gateways, looking for those security holes Citrix told you not to worry too much about
2020-07-09 20:32

This week Citrix tried to reassure everyone the 11 security flaws it just patched in its network perimeter products weren't all that bad. Well, we hope they're right because someone's scanning the internet looking for vulnerable installations.

SANS dean of research Johannes Ullrich today said his honeypot, set up to detect exploitation attempts against bugs in F5's products, encountered attempts by someone to exploit a couple of the holes Citrix patched in its gear.

From the logs, it appears the connections were probes to determine whether Ullrich's machine was vulnerable. It wasn't, because it wasn't running the buggy Citrix ADC, Citrix Gateway, or Citrix SD-WAN WANOP software.

The Register understands the probing began shortly after Citrix CISO Fermin Serna said on Tuesday that a number of the bugs had "barriers to exploitation" that would make them impractical to target in the wild.

Technical details on the Citrix vulnerabilities, along with proof-of-concept exploits, have been published by Donny Maasland.


News URL

https://go.theregister.com/feed/www.theregister.com/2020/07/09/citrix_bugs_proof_of_concept_exploits/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Citrix 66 2 64 101 46 213