Citrix Archives - Securezoo

Citrix fixes 2 Critical ADM vulnerabilities (CVE-2022-27511 and CVE-2022-27512)

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / June 16, 2022 June 16, 2022 /

Citrix has fixed two Critical Application Delivery Management (ADM) vulnerabilities (CVE-2022-27511 and CVE-2022-27512).

Tags: ADM, Citrix, CVE-2022-27511, CVE-2022-27512

PRC state-sponsored cyber actors routinely exploit these 16 network device vulnerabilities

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / June 8, 2022 June 8, 2022 /

The FBI, NSA and CISA coauthored a joint Cybersecurity Advisory detailing how People’s Republic of China (PRC) state-sponsored cyber actors continue to exploit publicly known vulnerabilities to gain access to a broad network of compromised infrastructure.

Tags: CISA, Cisco, Citrix, CVE-2017-6862, CVE-2018-0171, CVE-2018-13382, CVE-2018-14847, CVE-2019-11510, CVE-2019-15271, CVE-2019-1652, CVE-2019-16920, CVE-2019-19781, CVE-2019-7192, CVE-2019-7193, CVE-2019-7194, CVE-2019-7195, CVE-2020-29583, CVE-2020-8515, CVE-2021-22893, FBI, MicroTik, NETGEAR, NSA, Pulse, QNAP, SOHO, ZyXEL

Citrix addresses 4 Hypervisor vulnerabilities

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / January 15, 2022 January 15, 2022 /

Citrix has issued a security update for Citrix Hypervisor vulnerabilities, that may each allow privileged code in a guest VM to cause the host to crash or become unresponsive.

Tags: Citrix, Hypervisor, XenServer

Citrix addresses vulnerability (CVE-2022-21825) in Workspace App for Linux

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / January 11, 2022 January 11, 2022 /

Citrix has addressed a vulnerability in Workspace App for Linux that could result in elevation of privileges as root.

Tags: Citrix, CVE-2022-21825, Workspace

Citrix addresses Critical DoS vulnerability in ADC and Citrix Gateway products

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / November 11, 2021 November 11, 2021 /

Citrix has addressed a Critical unauthenticated denial of service (DoS) vulnerability CVE-2021-22955 in ADC and Citrix Gateway products.

Tags: AAA virtual server, ADC, Citrix, CVE-2021-22955, Gateway, SD-WAN, VPN, WANOP

Citrix Hypervisor security updates

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / September 10, 2021 September 11, 2021 /

Citrix has issued a security update for Citrix Hypervisor vulnerabilities, that may collectively allow an attacker to launch privileged code in a guest VM to compromise or crash the host.

Tags: Citrix, CVE-2021-28694, CVE-2021-28697, CVE-2021-28698, CVE-2021-28699, CVE-2021-28701, Hypervisor

Top 30 most commonly exploited vulnerabilities over 2020 and 2021

Cybersecurity Attacks, Vulnerabilities & Exploits / By Frank Crast / July 29, 2021 August 6, 2021 /

Cybersecurity experts from Australia, U.K., and U.S. governments have released a list of the most commonly exploited vulnerabilities over 2020 and 2021.

Tags: Atlassian, BIG-IP, Citrix, CVE 2018-13379, CVE 2019-11510, CVE 2019-18935, CVE 2020-15505, CVE 2020-5902, CVE-2017-11882, CVE-2018-13379, CVE-2018-7600, CVE-2019-0604, CVE-2019-11580, CVE-2019-19781, CVE-2019-5591, CVE-2020-0787, CVE-2020-12812, CVE-2020-1472, CVE-2021-21985, CVE-2021-22894, CVE-2021-22899, CVE-2021-27101, CVE-2021-27102, CVE-2021-27103, CVE-2021-27104, Drupal, F5, Fortinet, MobileIron, Netlogon, Office, Pulse, Zerologon

Citrix patches privileged escalation vulnerability in Virtual Apps and Desktops

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / July 17, 2021 July 17, 2021 /

Citrix has patched a vulnerability (CVE-2021-22928) in Virtual Apps and Desktops that could result in privilege escalation on a Windows Virtual Delivery Agent (VDA).

Tags: Citrix, CVE-2021-2292, VDA, Virtual Apps and Desktops, Windows

Citrix fixes 3 Hypervisor vulnerabilities

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / March 31, 2021 March 31, 2021 /

Citrix has released patches for Citrix Hypervisor that address two vulnerabilities. If exploited, an attacker could exploit privileged code in a guest VM and cause the host to crash or become unresponsive.

Tags: Citrix, CVE-2020-35498, CVE-2021-28038, CVE-2021-28688, Hypervisor, LTSR

APT actors exploit legacy internet-facing vulnerabilities in combination with Zerologon to target organizations

Cybersecurity Articles, Cybersecurity Attacks, Vulnerabilities & Exploits / By Frank Crast / October 10, 2020 October 10, 2020 /

Advanced persistent threat actors (APTs) are exploiting multiple legacy vulnerabilities in combination with newer “Zerologon” to target government networks, critical infrastructure, and elections organizations.

Tags: BIG-IP, CISA, Citrix, CVE-2018-13379, CVE-2019-11510, CVE-2019-19781, CVE-2020-1472, CVE-2020-15505, CVE-2020-2021, CVE-2020-5902, F5, FortiGuard, FortiOS, MobileIron, Netscaler, Palo Alto Networks, Pulse Secure, Zerologon