Security News > 2023 > August > CISA Adds Citrix ShareFile Flaw to KEV Catalog Due to In-the-Wild Attacks

CISA Adds Citrix ShareFile Flaw to KEV Catalog Due to In-the-Wild Attacks
2023-08-17 05:10

The U.S. Cybersecurity and Infrastructure Security Agency has added a critical security flaw in Citrix ShareFile storage zones controller to its Known Exploited Vulnerabilities catalog, based on evidence of active in-the-wild exploitation.

"This vulnerability affects all currently supported versions of customer-managed ShareFile storage zones controller before version 5.11.24," Citrix said in an advisory released in June.

It's worth noting that the first signs of exploitation of the vulnerability emerged toward the end of July 2023.

"CVE-2023-24489 is a cryptographic bug in Citrix ShareFile's Storage Zones Controller, a.NET web application running under IIS," GreyNoise said.

"The application uses AES encryption with CBC mode and PKCS7 padding but does not correctly validate decrypted data. This oversight allows attackers to generate valid padding and execute their attack, leading to unauthenticated arbitrary file upload and remote code execution."

The development comes as security alarms have been raised about active exploitation of CVE-2023-3519, a critical vulnerability affecting Citrix's NetScaler product, to deploy PHP web shells on compromised appliances and gain persistent access.


News URL

https://thehackernews.com/2023/08/cisa-adds-citrix-sharefile-flaw-to-kev.html

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2023-07-19 CVE-2023-3519 Code Injection vulnerability in Citrix products
Unauthenticated remote code execution
network
low complexity
citrix CWE-94
critical
9.8
2023-07-10 CVE-2023-24489 Unspecified vulnerability in Citrix Sharefile Storage Zones Controller
A vulnerability has been discovered in the customer-managed ShareFile storage zones controller which, if exploited, could allow an unauthenticated attacker to remotely compromise the customer-managed ShareFile storage zones controller.
network
low complexity
citrix
critical
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Citrix 118 20 177 80 65 342