#watchTowr

Citrix Issues Patches for Zero-Day Recording Manager Bugs

by

November 12, 2024 at 12:52PM Citrix has released patches for two vulnerabilities in its Virtual Apps and Desktop technology that could allow privilege escalation or remote code execution by attackers. Discovered by watchTowr, the flaws affect the Session Recording Manager. Citrix assigned a medium severity score, which watchTowr disputes, deeming the threat more critical. ### … Read more

Researchers call out QNAP for dragging its heels on patch development

by

May 20, 2024 at 10:07AM QNAP’s vulnerabilities disclosed by watchTowr revealed 15 issues, with only 4 addressed. Six are accepted with no available patches, while the rest are still under embargo or have no solution. QNAP has a history of ransomware attacks and slow patching. CVE-2024-27130, with potential RCE, remains unpatched despite being acknowledged by … Read more