Security News > 2020 > July > Attackers are probing Citrix controllers and gateways through recently patched flaws

Earlier this week, Citrix released security updates for Citrix Application Delivery Controller, Citrix Gateway, and the Citrix SD-WAN WANOP appliance, and urged admins to apply them as soon as possible to reduce risk.

On Thursday SANS ISC's Dr. Johannes Ullrich spotted attackers attempting to exploit two of the Citrix vulnerabilities on his F5 BigIP honeypot.

The security advisory Citrix published noted them and laid out the pre-conditions needed for their exploitation, but does not contain too many details.

"We are limiting the public disclosure of many of the technical details of the vulnerabilities and the patches to further protect our customers. Across the industry, today's sophisticated malicious actors are using the details and patches to reverse engineer exploits. As such, we are taking steps to advise and help our customers but also do what we can to shield intelligence from malicious actors," Citrix CISO Fermin Serna explained, and made sure to note that the patches provided fully resolve all issues.

"Vulnerable systems leak information about the system if hit with these exploits. So these are not as dangerous as the code execution issues we saw with Citrix over new year, or the F5 issues. But enumerating systems, and using the leaked information may lead to additional more targeted follow on attacks later."

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/Ih04A9lFhxM/