Security News > 2024 > November > New Flaws in Citrix Virtual Apps Enable RCE Attacks via MSMQ Misconfiguration
2024-11-12 14:01
Cybersecurity researchers have disclosed new security flaws impacting Citrix Virtual Apps and Desktop that could be exploited to achieve unauthenticated remote code execution (RCE) The issue, per findings from watchTowr, is rooted in the Session Recording component that allows system administrators to capture user activity, and record keyboard and mouse input, along with a video stream of the
News URL
https://thehackernews.com/2024/11/new-flaws-in-citrix-virtual-apps-enable.html
Related news
- Critical Ivanti RCE flaw with public exploit now used in attacks (source)
- New scanner finds Linux, UNIX servers exposed to CUPS RCE attacks (source)
- CISA says critical Fortinet RCE flaw now exploited in attacks (source)
- Critical Veeam RCE bug now used in Frag ransomware attacks (source)
- HTTP your way into Citrix's Virtual Apps and Desktops with fresh exploit code (source)
- CISA Flags Two Actively Exploited Palo Alto Flaws; New RCE Attack Confirmed (source)
- Palo Alto Networks warns of critical RCE zero-day exploited in attacks (source)
- Critical RCE bug in VMware vCenter Server now exploited in attacks (source)