Security News > 2023 > August > Don't just patch your Citrix gear, check for intrusion: Two bugs exploited in wild

Don't just patch your Citrix gear, check for intrusion: Two bugs exploited in wild
2023-08-17 21:55

Miscreants are actively exploiting critical bugs in two of Citrix's products, both of which the business IT player fixed earlier this summer.

Uncle Sam's Cybersecurity and Infrastructure Security Agency on Wednesday warned that criminals have exploited CVE-2023-24489, a 9.8-of-10-severity improper-access-control bug in Citrix ShareFile.

Citrix sounded the alarm about that security flaw on June 13, and warned that the vulnerability, if exploited, "Could allow an unauthenticated attacker to remotely compromise the customer-managed ShareFile storage zones controller."

Now the bug has been added to CISA's Known Exploited Vulnerabilities Catalog of stuff that should be fixed as soon as possible because it's under attack in the wild.

Citrix issued a security alert about this CVE and two others on July 18.

In a report published on Tuesday, Fox-IT in collaboration with the Dutch Institute of Vulnerability Disclosure said they've "Uncovered a large-scale exploitation campaign" abusing this vulnerability to backdoor Citrix NetScalers appliances.


News URL

https://go.theregister.com/feed/www.theregister.com/2023/08/17/citrix_mft_exploit/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2023-07-10 CVE-2023-24489 Unspecified vulnerability in Citrix Sharefile Storage Zones Controller
A vulnerability has been discovered in the customer-managed ShareFile storage zones controller which, if exploited, could allow an unauthenticated attacker to remotely compromise the customer-managed ShareFile storage zones controller.
network
low complexity
citrix
critical
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Citrix 66 2 64 101 46 213