CISA Urges Patching of Actively Exploited Citrix Bug


The US Cybersecurity and Infrastructure Security Agency (CISA) has warned that a Citrix flaw patched in June is being actively exploited in the wild.

CVE-2023-24489 was added to the agency’s Known Exploited Vulnerabilities Catalog yesterday, with CISA warning it poses “significant risks to the federal enterprise.”

The flaw is described as an improper access control vulnerability in Citrix ShareFile (aka Citrix Content Collaboration). If exploited, it “could allow an unauthenticated attacker to remotely compromise the customer-managed ShareFile storage zones controller,” CISA said.

Citrix published an advisory for the critical-severity bug, which carries a CVSS score of 9.1, on June 13, alongside the fixed build.

“This vulnerability affects all currently supported versions of customer-managed ShareFile storage zones controller before version 5.11.24,” it said, when releasing the update.
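The advisory's wording ("all currently supported versions ... before version 5.11.24") is the only affected-version test the page gives, so the practical check is a numeric version comparison across an inventory of customer-managed storage zones controllers. The script below is an added example, not code from the article or from Citrix: the hostnames and their build numbers are constructed, the fixed version comes from the advisory as quoted above, and the September 6 deadline comes from the article. It also guards against the classic mistake of comparing versions as strings, where "5.9.0" sorts after "5.11.24" and a vulnerable build would be reported as patched.

```python
"""Added example (not from the article or Citrix): triage a constructed
inventory of ShareFile storage zones controllers against the fixed build
named in the advisory (5.11.24) and the CISA remediation due date."""
from __future__ import annotations

import re
from datetime import date

FIXED_VERSION = "5.11.24"          # from the Citrix advisory as quoted in the article
CISA_DUE_DATE = date(2023, 9, 6)   # federal civilian deadline stated in the article

_VERSION_RE = re.compile(r"^\d+(\.\d+)*$")


def parse_version(text: str) -> tuple[int, ...]:
    """Turn '5.11.24' into (5, 11, 24) so components compare numerically.

    As plain strings, '5.9.0' > '5.11.24' (because '9' > '1'), which would
    wrongly mark a vulnerable 5.9.x build as already patched.
    """
    text = text.strip()
    if not _VERSION_RE.match(text):
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(part) for part in text.split("."))


def is_vulnerable(version: str, fixed: str = FIXED_VERSION) -> bool:
    """True when the build is strictly older than the fixed version.

    Shorter tuples are zero-padded so '5.11' is treated as 5.11.0.
    """
    v, f = parse_version(version), parse_version(fixed)
    width = max(len(v), len(f))
    v += (0,) * (width - len(v))
    f += (0,) * (width - len(f))
    return v < f


def triage(inventory: dict[str, str], today: date) -> dict:
    """Bucket hosts into vulnerable / patched and report days until the due date."""
    vulnerable = sorted(host for host, ver in inventory.items() if is_vulnerable(ver))
    patched = sorted(host for host, ver in inventory.items() if not is_vulnerable(ver))
    return {
        "vulnerable": vulnerable,
        "patched": patched,
        "days_until_due": (CISA_DUE_DATE - today).days,
    }


# Constructed inventory: hypothetical hostnames and build numbers, not real assets.
SAMPLE_INVENTORY = {
    "szc-01.corp.example": "5.11.24",   # exactly the fixed build
    "szc-02.corp.example": "5.11.18",   # same minor line, still before the fix
    "szc-03.corp.example": "5.9.0",     # the string-comparison trap
    "szc-04.corp.example": "5.11.25",   # newer than the fix
}

if __name__ == "__main__":
    report = triage(SAMPLE_INVENTORY, today=date(2023, 8, 17))  # assumed run date
    for bucket in ("vulnerable", "patched"):
        print(f"{bucket}: {', '.join(report[bucket]) or '(none)'}")
    print(f"days until CISA due date: {report['days_until_due']}")
```

Feed `triage` the version strings reported by your own controller inventory (the advisory gives no machine-readable affected-range data, so the fixed version is hard-coded from its text). Anything in the `vulnerable` bucket is exposed to an unauthenticated remote compromise per CISA's description and should be updated before the due date.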


Citrix Content Collaboration is enterprise file sync and sharing software. Its storage zones controller component lets customers extend those sharing capabilities to storage they manage themselves, typically to keep data in a particular location for regulatory reasons.

“The storage zones that you maintain can reside in your on-premises single-tenant storage system or in supported third-party cloud storage. This includes Amazon S3 and Windows Azure,” Citrix explains.

“Storage zones controller also provides users with secure access to SharePoint sites and network file shares through storage zone connectors. Storage zone connectors enable you to provide secure mobile access to data residing behind your corporate firewall without the need to migrate data to the cloud.”

File transfer and sharing services have become a favoured target for ransomware and extortion groups in recent years, with the Clop group in particular exploiting zero-day vulnerabilities in Progress MOVEit Transfer, and earlier in Accellion FTA and Fortra GoAnywhere MFT, to devastating effect. Bugs in these products are attractive precisely because the systems sit at the network edge, are reachable without credentials and hold sensitive data by design.

That is why CISA, under Binding Operational Directive 22-01, requires all federal civilian agencies to patch the vulnerability by September 6. Private enterprises running a customer-managed storage zones controller are encouraged to follow suit.
