Zerosecurity
  • Home
  • Security
    • Exploits
    • Mobile Security
  • Malware
  • Data Breaches
  • Crypto
  • Privacy
  • Downloads
    • Malwarebytes
    • Exploits
    • Paper Downloads
    • Software & Service Reviews
No Result
View All Result
SUBSCRIBE
Zerosecurity
  • Home
  • Security
    • Exploits
    • Mobile Security
  • Malware
  • Data Breaches
  • Crypto
  • Privacy
  • Downloads
    • Malwarebytes
    • Exploits
    • Paper Downloads
    • Software & Service Reviews
No Result
View All Result
Zerosecurity
No Result
View All Result
Home Exploits

Citrix exploit CWE-284 allows hackers to reset admin password

Christi Rogalski by Christi Rogalski
July 8, 2022
in Exploits
0
Citrix CWE-284 CVE-2022-27511 exploit
29
SHARES
165
VIEWS
Share on FacebookShare on Twitter

A critical bug has been identified in the Citrix Application Delivery Management console (ADM) that, if exploited, could lead to a serious security breach including allowing the attackers access to reset admin passwords.

You might also like

Google reports a rise in ransomware attacks

Cross-Site Scripting (XSS) attack method steals your browser’s auto-fill credentials

Follina Exploit Being Deployed by Chinese APT Group TA413

Citrix warned customers to immediately deploy the security updates released to address this vulnerability. Citrix ADM is a web-based solution aimed at providing admins with access to a secure, centralized cloud-based console through which they can easily carry out and manage cloud Citrix and on-premises deployments such as Citrix Gateway, Citrix Secure Web Gateway, and Citrix Application Delivery Controller.

Tracked as CVE-2022-27511, the bug in question was reported by Florian Hauser of Code White and is said to have been caused by an Improper Access Control weakness. When exploited, the bug is capable of allowing unauthenticated threat actors unlimited remote access to all supported versions the of Citrix ADM server and Citrix ADM agents.

Following discovery, Citrix clarified in a press release that the impact of the vulnerability can go as far as allowing admin password reset at the next device reboot, and gives hackers with ssh access the ability to connect with default admin credentials once the reboot has been completed.

Immediate Upgrade or Mitigation

Citrix has also advised that customers who are currently running the supported versions of Citrix ADM and Citrix ADM servers should begin to carry out upgrades or mitigation actions immediately.

The company iterated that the flaws have indeed been addressed, but an upgrade must be made on both the Citrix ADM servers and all Citrix ADM agents, going as far as to provide detailed instructions on how to upgrade the servers of all associated CDM agents in its documentation website.

Furthermore, they also specified that those who, for some reason or another, are unable to carry out immediate upgrades can at least try to mitigate associated risks by following the instructions shared by the company

This instruction entails segmenting network traffic to the Citrix ADM’s IP address from that of the standard network traffic, either physically or logically. Doing this, the company mentioned, will greatly reduce the risk of exploitation.

The company also released a patch (CVE-2022-27512) the same week of a security flaw that could lead to a temporary break of the license server if exploited.

Tags: CitrixexploitPassword reset
Share15Tweet3
Christi Rogalski

Christi Rogalski

Christi began her InfoSec carrier at the Illinois Institute of Technology where she received her Bachelor of Science degree in Applied Cybersecurity and Information Technology. Her passions include learning about new threats in the security world, investing, and playing with her dog, Pablo.

Recommended For You

Google reports a rise in ransomware attacks

by Paul Anderson
July 15, 2022
0
Google reports a rise in ransomware attacks

In the 3rd issue of the recently released, Threat Horizons, Google's Cybersecurity Action Team (GCAT) provides organizations with information about emerging risks and actionable mitigation. Bad actors have...

Read more

Cross-Site Scripting (XSS) attack method steals your browser’s auto-fill credentials

by Christi Rogalski
July 11, 2022
0
Cross-Site Scripting (XSS) attack method steals your browser’s auto-fill credentials

Cross-site scripting, also known as XSS, attacks rank high on lists of common cybersecurity risks. It is the injection of malicious code into the web application to exploit...

Read more

Follina Exploit Being Deployed by Chinese APT Group TA413

by Kyle
June 3, 2022
0
Chinese APT TA413

A Chinese state-sponsored hacking group, given the call sign "TA413", has been identified using the new Microsoft Office zero-day exploit, Follina, to launch attacks. Microsoft has tagged this...

Read more

Microsoft Office Zero-day “Follina” Allows Attackers to Execute PowerShell Scripts

by Kyle
May 31, 2022 - Updated on June 2, 2022
0
Microsoft Office zero-day exploit CVE-2022-30190

Researchers have discovered a new Microsoft Office zero-day vulnerability that is being used to carry out attacks in the wild. The zero-day has been dubbed Follina. The attacks...

Read more

Flash Zero-day exploited in the wild – CVE-2016-4171

by Kyle
June 15, 2016
0
CVE-2016-4171 flash zero-day

Another Adobe Flash Player zero-day has been found being exploited in “limited, targeted attacks”. Adobe has stated it will be patched later this week. The vulnerability, CVE-2016-4171 (CVE)...

Read more
Next Post
Cross-Site Scripting (XSS) attack method steals your browser’s auto-fill credentials

Cross-Site Scripting (XSS) attack method steals your browser's auto-fill credentials

Related News

BlueSky Ransomware backdoors KMSAuto activator

BlueSky Ransomware Infects KMSAuto Activator users

July 20, 2022 - Updated on July 22, 2022
BlackCat Ransomware aka “ALPHV” infections on the rise

BlackCat Ransomware aka “ALPHV” infections on the rise

June 16, 2022 - Updated on July 20, 2022
GIFs in messaging apps are tracking you

GIFs in messaging apps are tracking you

July 19, 2022
Zerosecurity

We cover the latest in Information Security & Blockchain news, as well as threat trends targeting both sectors.

Categories

  • Crypto
  • Data Breaches
  • DotNet Framework
  • Downloads
  • Exploits
  • Exploits
  • Information
  • Legal
  • Malware
  • Malware Analysis
  • Mobile Security
  • Paper Downloads
  • Piracy
  • Privacy
  • Programming
  • Public
  • Security
  • Security
  • Software & Service Reviews
  • Technology News
  • Tools
  • Tutorials
  • Video Tutorials
  • Whitepapers
  • Zero Security
  • Contact Us
  • List of our Writers

© 2022 ZeroSecurity, All Rights Reserved.

No Result
View All Result
  • Home
  • Security
  • Exploits
  • Data Breaches
  • Malware
  • Privacy
  • Mobile Security
  • Tools
  • Contact Us
  • Privacy Policy

© 2022 ZeroSecurity, All Rights Reserved.