Taking control of network by hacking Citrix Secure Access Client vulnerabilities


Citrix is a cloud computing firm with its headquarters in Florida. Citrix focuses in the areas of computer software, virtualization, and cloud computing. As of the year 2021, the corporation’s annual revenue is $3.22 billion, and it employs more than 9700 people all around the globe.

The firm is recognized as one of the Fortune 500 most successful businesses in the world, and it serves more than 400,000 customers.Citrix has issued security warnings about vulnerabilities ranging from critical to high severity. These vulnerabilities might enable threat actors to elevate their privileges if they have access to an endpoint with Standard user account authorization.

Citrix Desktop for Windows, Vulnerability Referenced as CVE-2023-24491

Citrix clients for Windows that are older than version 23.5.1.3 have a security flaw that might allow an attacker to take control of the affected computer. By exploiting this vulnerability, an adversary who is already authenticated and has access to a Standard Endpoint may raise their privileges to NT AUTHORITYSYSTEM without being detected.

The CVSS score for this vulnerability is 7.8, which indicates that it is a High risk.

Citrix Secure Access for Ubuntu (CVE-2023-24492)

There is a vulnerability in the security provided by versions of the Ubuntu Citrix Secure Client that are older than 23.5.2. Attackers may take advantage of this vulnerability in order to execute malicious code on the device of a user at a distant location. They may accomplish this goal by first persuading the user to click on a malicious link and then complying with any further instructions that appear.

A CVSS score of 9.8 has been assigned to this vulnerability, which has been rated as Critical.

Rilke Petrosky, a security researcher working with F2TC Cyber Security, was the one who uncovered both of these vulnerabilities.

Remediation

Users of these products should consider upgrading to the most recent versions as soon as possible to avoid being exploited.Citrix Secure Clients has been used by a great number of businesses all over the globe to provide workers with the ability to log in to distant systems. However, a significant vulnerability that might have enabled threat actors to remotely execute arbitrary code in Gateways and Citrix ADCs (Application Delivery Controllers) has been addressed.



Source link