Zerosecurity
  • Home
  • Security
    • Exploits
    • Mobile Security
  • Malware
  • Data Breaches
  • Crypto
  • Privacy
  • Downloads
    • Malwarebytes
    • Exploits
    • Paper Downloads
    • Software & Service Reviews
No Result
View All Result
SUBSCRIBE
Zerosecurity
  • Home
  • Security
    • Exploits
    • Mobile Security
  • Malware
  • Data Breaches
  • Crypto
  • Privacy
  • Downloads
    • Malwarebytes
    • Exploits
    • Paper Downloads
    • Software & Service Reviews
No Result
View All Result
Zerosecurity
No Result
View All Result
Home Exploits

Citrix exploit CWE-284 allows hackers to reset admin password

Christi Rogalski by Christi Rogalski
July 8, 2022
in Exploits
0
Citrix CWE-284 CVE-2022-27511 exploit
29
SHARES
239
VIEWS
Share on FacebookShare on Twitter

A critical bug has been identified in the Citrix Application Delivery Management console (ADM) that, if exploited, could lead to a serious security breach including allowing the attackers access to reset admin passwords.

You might also like

Plex media server seen exploited in the wild utilizing a 3 year old RCE

New TPM 2.0 exploit attackers to access or overwrite sensitive data

Google reports a rise in ransomware attacks

Citrix warned customers to immediately deploy the security updates released to address this vulnerability. Citrix ADM is a web-based solution aimed at providing admins with access to a secure, centralized cloud-based console through which they can easily carry out and manage cloud Citrix and on-premises deployments such as Citrix Gateway, Citrix Secure Web Gateway, and Citrix Application Delivery Controller.

Tracked as CVE-2022-27511, the bug in question was reported by Florian Hauser of Code White and is said to have been caused by an Improper Access Control weakness. When exploited, the bug is capable of allowing unauthenticated threat actors unlimited remote access to all supported versions the of Citrix ADM server and Citrix ADM agents.

Following discovery, Citrix clarified in a press release that the impact of the vulnerability can go as far as allowing admin password reset at the next device reboot, and gives hackers with ssh access the ability to connect with default admin credentials once the reboot has been completed.

Immediate Upgrade or Mitigation

Citrix has also advised that customers who are currently running the supported versions of Citrix ADM and Citrix ADM servers should begin to carry out upgrades or mitigation actions immediately.

The company iterated that the flaws have indeed been addressed, but an upgrade must be made on both the Citrix ADM servers and all Citrix ADM agents, going as far as to provide detailed instructions on how to upgrade the servers of all associated CDM agents in its documentation website.

Furthermore, they also specified that those who, for some reason or another, are unable to carry out immediate upgrades can at least try to mitigate associated risks by following the instructions shared by the company

This instruction entails segmenting network traffic to the Citrix ADM’s IP address from that of the standard network traffic, either physically or logically. Doing this, the company mentioned, will greatly reduce the risk of exploitation.

The company also released a patch (CVE-2022-27512) the same week of a security flaw that could lead to a temporary break of the license server if exploited.

Tags: CitrixexploitPassword reset
Share17Tweet4
Christi Rogalski

Christi Rogalski

Christi began her InfoSec carrier at the Illinois Institute of Technology where she received her Bachelor of Science degree in Applied Cybersecurity and Information Technology. Her passions include learning about new threats in the security world, investing, and playing with her dog, Pablo.

Recommended For You

Plex media server seen exploited in the wild utilizing a 3 year old RCE

by Kyle
March 11, 2023
0
Plex RCE responsible-for lastpass breach

CISA, the cybersecurity and infrastructure agency, has included a severe remote code execution (RCE) vulnerability in the Plex Media Server, which is nearly three years old, in its...

Read more

New TPM 2.0 exploit attackers to access or overwrite sensitive data

by Paul Anderson
March 5, 2023
0
New TPM 2.0 Exploit

Two buffer overflow vulnerabilities have been discovered in the Trusted Platform Module (TPM) 2.0 specification, which could give cybercriminals unauthorized access to or the ability to overwrite sensitive...

Read more

Google reports a rise in ransomware attacks

by Paul Anderson
July 15, 2022
0
Google reports a rise in ransomware attacks

In the 3rd issue of the recently released, Threat Horizons, Google's Cybersecurity Action Team (GCAT) provides organizations with information about emerging risks and actionable mitigation. Bad actors have...

Read more

Cross-Site Scripting (XSS) attack method steals your browser’s auto-fill credentials

by Christi Rogalski
July 11, 2022 - Updated on February 23, 2023
0
Cross-Site Scripting (XSS) attack method steals your browser’s auto-fill credentials

Cross-site scripting, also known as XSS, attacks rank high on lists of common cybersecurity risks. It is the injection of malicious code into the web application to exploit...

Read more

Follina Exploit Being Deployed by Chinese APT Group TA413

by Kyle
June 3, 2022
0
Chinese APT TA413

A Chinese state-sponsored hacking group, given the call sign "TA413", has been identified using the new Microsoft Office zero-day exploit, Follina, to launch attacks. Microsoft has tagged this...

Read more
Next Post
Cross-Site Scripting (XSS) attack method steals your browser’s auto-fill credentials

Cross-Site Scripting (XSS) attack method steals your browser's auto-fill credentials

Related News

BreachForums Owner Arrested and Charged

BreachForums Owner Arrested and Charged

March 17, 2023
ChipMixer platform tied to crypto laundering scheme – seized by authorities

ChipMixer platform tied to crypto laundering scheme – seized by authorities

March 17, 2023
NSA intercepting U.S. Routers

NSA intercepting U.S. Routers

June 6, 2014 - Updated on March 17, 2023
Zerosecurity

We cover the latest in Information Security & Blockchain news, as well as threat trends targeting both sectors.

Categories

  • Crypto
  • Data Breaches
  • DotNet Framework
  • Downloads
  • Exploits
  • Exploits
  • Information
  • Legal
  • Malware
  • Malware Analysis
  • Mobile Security
  • Paper Downloads
  • Piracy
  • Privacy
  • Programming
  • Public
  • Security
  • Security
  • Software & Service Reviews
  • Technology News
  • Tools
  • Tutorials
  • Video Tutorials
  • Whitepapers
  • Zero Security
  • Contact Us
  • List of our Writers

© 2022 ZeroSecurity, All Rights Reserved.

No Result
View All Result
  • Home
  • Security
  • Exploits
  • Data Breaches
  • Malware
  • Privacy
  • Mobile Security
  • Tools
  • Contact Us
  • Privacy Policy

© 2022 ZeroSecurity, All Rights Reserved.