#CitrixVulnerabilities

Exploitation Attempts Target Citrix Session Recording Vulnerabilities

November 21, 2024 by Xynik

November 21, 2024 at 04:34AM Exploitation attempts have been reported for two Citrix Session Recording vulnerabilities (CVE-2024-8068, CVE-2024-8069), which allow remote code execution. Although patches were issued, some reports suggest systems are exposed to the internet. Citrix advises users to update software to mitigate risks, as exploitation attempts continue. **Meeting Takeaways:** 1. **Vulnerability Overview:** – … Read more

Citrix Issues Patches for Zero-Day Recording Manager Bugs

November 12, 2024 by Xynik

November 12, 2024 at 12:52PM Citrix has released patches for two vulnerabilities in its Virtual Apps and Desktop technology that could allow privilege escalation or remote code execution by attackers. Discovered by watchTowr, the flaws affect the Session Recording Manager. Citrix assigned a medium severity score, which watchTowr disputes, deeming the threat more critical. ### … Read more

‘CitrixBleed’ Linked to Ransomware Hit on China’s State-Owned Bank

November 10, 2023 by Xynik

November 10, 2023 at 02:16PM The recent ransomware attack on the Industrial and Commercial Bank of China (ICBC) may be linked to a vulnerability in Citrix’s NetScaler technology. The vulnerability, known as “CitrixBleed,” allows attackers to steal sensitive information and hijack user sessions. It has a severity score of 9.4 out of 10 and has … Read more