Citrix NetScaler ADC and NetScaler Gateway Vulnerabilities Exploited in the Wild (CVE-2023-6548 and CVE-2023-6549)

CVE-2023-6548 and CVE-2023-6549 are two vulnerabilities impacting Citrix NetScaler ADC and NetScaler Gateway. On successful exploitation, the vulnerabilities may result in remote code execution and denial of service. Citrix has mentioned in the advisory that it has observed exploitation attempts on vulnerable appliances. Citrix stated in the advisory, “This bulletin only applies to …

NetScaler Application Delivery Controller (ADC) and NetScaler Gateway Multiple Vulnerabilities (CVE-2023-4966 & CVE-2023-4967) (CitrixBleed)

Citrix has released patches to address two vulnerabilities (CVE-2023-4966 & CVE-2023-4967) in NetScaler ADC and Gateway. CVE-2023-4966 has been rated as critical, with a CVSS score of 9.4. Successful exploitation of the vulnerability may lead to information disclosure. CVE-2023-4967 has a high severity rating and a CVSS score of 8.2. Successful exploitation of the vulnerability …

Citrix Application Delivery Controller (ADC) and Citrix Gateway Multiple Vulnerabilities (CVE-2023-3519, CVE-2023-3466, and CVE-2023-3467)

A new critical-severity vulnerability (CVE-2023-3519) in NetScaler ADC and NetScaler Gateway is being exploited in the wild. CVE-2023-3519 may allow an unauthenticated attacker to perform remote code execution on the target system. The advisory addressed two more vulnerabilities: CVE-2023-3466 and CVE-2023-3467. Wouter Rijkbost and Jorren Geurts of Resillion have discovered the vulnerabilities addressed in …

Citrix Patches Multiple Vulnerabilities in Workspace, Virtual App, and Desktop (CVE-2023-24483, CVE-2023-24484, CVE-2023-24485, CVE-2023-24486)

Citrix has released security advisories to address multiple high-severity vulnerabilities affecting Workspace, Virtual Apps, and Desktops. The vulnerabilities have been assigned CVE-2023-24483, CVE-2023-24484, CVE-2023-24485, and CVE-2023-24486. On successful exploitation, these vulnerabilities can have severe consequences ranging from privilege escalation to session takeover. Citrix products are used in various organizations worldwide for handling multiple operations. …

Patches Released for Multiple Vulnerabilities in Citrix Gateway and ADC (CVE-2022-27510, CVE-2022-27513, and CVE-2022-27516)

Citrix has released patches for multiple vulnerabilities in Citrix Gateway and ADC (CVE-2022-27510, CVE-2022-27513, and CVE-2022-27516). These vulnerabilities can be exploited by an attacker to gain unauthorized access to the device, take over remote desktops, or bypass the login brute force protection. Citrix Gateway unifies remote access infrastructure to offer single sign-on for all applications, …

GRUB2 Boothole Buffer Overflow Vulnerability (CVE-2020-10713)

On 29th July 2020, a team of security researchers disclosed a high-priority bug in GRUB2 (GRand Unified Bootloader version 2), affecting billions of Linux and Windows systems using Secure Boot. CVE-2020-10713 is assigned to this buffer overflow vulnerability, termed “Boothole”. “Boothole” Secure Boot is designed to verify all the firmware of the computer …

Identify and Remediate Most Exploited Vulnerabilities in last 5 years using VMDR

Summary: Amid the global pandemic, DHS CISA and the FBI shared a list of the top 10 most exploited vulnerabilities on May 12, 2020. The Department of Homeland Security Cybersecurity and Infrastructure Security Agency (DHS CISA) and the Federal Bureau of Investigation (FBI) urge organizations in the public and private sectors to apply necessary updates in order to …

Qualys Discloses Multiple Vulnerabilities in Citrix NetScaler ADC and NetScaler Gateway

Qualys Security Research Team has disclosed multiple vulnerabilities in Citrix NetScaler ADC and NetScaler Gateway. Citrix has addressed these vulnerabilities in CTX232161. The affected versions and CVEs are listed below.

CVE(s) | Description | Product | Affected Version : Build
CVE-2018-6810 | Directory Traversal Vulnerability | Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway | < 12.0 : 57.19; < 11.1 : …