Citrix ShareFile storage zones Controller multiple security updates
CTX269106 NewCitrix ShareFile storage zones Controller multiple security updatesApplicable Products : ShareFileSecurity issues have been identified in customer-managed Citrix ShareFile storage zone controllers. These vulnerabilities, if exploited, would allow an unauthenticated attacker to compromise the storage zones controller potentially giving...
Citrix Hypervisor Security Update
CTX272237 NewCitrix Hypervisor Security UpdateApplicable Products : Citrix_HypervisorXenServerXenServer_7_1_Cumulative_Update_2An issue has been discovered in Citrix Hypervisor that, if exploited, could potentially allow an attacker on the management network to enumerate valid administrative account usernames. Note that this attack does not disclose...
Citrix Hypervisor Multiple Security Updates
CTX270837 NewCitrix Hypervisor Multiple Security UpdatesApplicable Products : Citrix_Hypervisor_8_0Citrix_Hypervisor_8_1XenServer_7_0XenServer_7_1_Cumulative_Update_2Several issues have been identified within Citrix Hypervisor, which could, if exploited, allow:privileged code in a PV guest VM to read a single uninitialized 4kB page of memory (that may contain data...
CVE-2020-6175 – Citrix SD-WAN Security Update
CTX263526 NewApplicable Products : Citrix SD-WAN, Citrix SD-WAN 10.1, NetScaler SD-WAN 10.0An information disclosure vulnerability has been identified in the Citrix SD-WAN Appliance. This vulnerability could allow an unauthenticated attacker to perform a man-in-the-middle attack against management traffic. The vulnerability has been...
CVE-2019-19781 – Vulnerability in Citrix Application Delivery Controller and Citrix Gateway
CTX267027 NewApplicable Products : Citrix ADC, Citrix Gateway, NetScaler, NetScaler GatewayA vulnerability has been identified in Citrix Application Delivery Controller (ADC) formerly known as NetScaler ADC and Citrix Gateway formerly known as NetScaler Gateway that, if exploited, could allow an unauthenticated attacker to...
Citrix Hypervisor Security Update
CTX266932 NewApplicable Products : Citrix Hypervisor 8.0, XenServer 7.0, XenServer 7.1 LTSR Cumulative Update 2, XenServer 7.6A number of vulnerabilities have been found in Citrix Hypervisor (formerly Citrix XenServer) that may:i. Allow the host to be compromised by privileged code in a PV...
Citrix ADC and Citrix Gateway Security Update (CVE-2019-0140)
CTX263807 NewApplicable Products : Citrix ADC, Citrix GatewayA vulnerability has been identified affecting Citrix Application Delivery Controller (ADC) formerly known as NetScaler ADC, and Citrix Gateway, formerly known as NetScaler Gateway, platforms which could result in privilege escalation via layer 2...
Citrix Hypervisor Security Update
CTX263684 NewApplicable Products : Citrix Hypervisor 8.0, XenServer 7.0, XenServer 7.1 LTSR Cumulative Update 2, XenServer 7.6A security issue has been identified in certain CPU hardware that may allow unprivileged code running on a CPU core to infer the value of memory data...
Hypervisor Security Update
CTX263477 NewApplicable Products : Citrix Hypervisor 8.0, XenServer 7.0, XenServer 7.1 LTSR Cumulative Update 2, XenServer 7.6A number of vulnerabilities have been found in Citrix Hypervisor (formerly Citrix XenServer) that allow the host to be compromised by:i. Privileged code in a guest VM...
Authentication Bypass Vulnerability in Citrix ADC and Citrix Gateway Management Interface
CTX261055 NewApplicable Products : Citrix ADC, Citrix Gateway, NetScaler GatewayA vulnerability has been identified in the management interface of Citrix Application Delivery Controller (ADC) formerly known as NetScaler ADC and Citrix Gateway formerly known as NetScaler Gateway that, if exploited, could allow...
CVE-2019-TBD – Citrix Application Delivery Management (ADM) Console Security Update
CTX261735 NewApplicable Products : Citrix Application Delivery ManagementAn authorisation bypass vulnerability was discovered in the Citrix Application Delivery Management (ADM) server. The vulnerability allows a Citrix ADM user with read-only privilege to access a managed instances with admin level permissions....
Multiple Vulnerabilities in Citrix License Server for Windows and VPX
CTX261963 NewApplicable Products : LicensingMultiple Denial-of-Service vulnerabilities have been identified in Citrix License Server for Windows and VPX that, when exploited, could result in an attacker being able to force the vendor service to shutdown. These vulnerabilities have been assigned...
Citrix SD-WAN Security Update
CTX256918 NewApplicable Products : Citrix SD-WANMultiple denial of service vulnerabilities have been identified in the Citrix SD-WAN Appliance and Citrix SD-WAN Center Management Console. These vulnerabilities could permit a remote attacker to cause a denial of service by causing a...
CVE-2019-13609 – CRLF Vulnerability in Citrix License Server for Windows and VPX
CTX257644 UpdatedApplicable Products : LicensingA Carriage Return Line Feed (CRLF) injection vulnerability has been identified in Citrix License Server for Windows and VPX that could allow an unauthenticated attacker to bypass authentication and allow a malicious website to read or...
CVE-2008-1447 – Vulnerability in NetScaler and Access Gateway Enterprise Edition could result in DNS Cache Poisoning
CTX117991 UpdatedApplicable Products : Access Gateway 8.0 Enterprise Edition, Access Gateway 8.1 Enterprise Edition, NetScaler 8.0, NetScaler 8.1Description of ProblemA vulnerability has been identified in the Citrix NetScaler and Access Gateway Enterprise Edition appliances that could result in Domain Name System (DNS) cache...
New iOS Jailbreak Tool Works on iPhone Models iOS 11 to iOS 13.5
Latest version of UnC0ver uses unpatched zero-day exploit to take complete control of devices, even those running iOS 13.5.
Bluetooth Vulnerability: BIAS
This is new research on a Bluetooth vulnerability (called BIAS) that allows someone to impersonate a trusted device:
Abstract: Bluetooth (BR/EDR) is a pervasive technology for wireless communication used by billions of devices. The Bluetooth standard includes a legacy authentication...
Updated AnarchyGrabber Steals Passwords, Spreads to Discord Friends
Researchers found an updated version of AnarchyGrabber that steals victims’ plaintext passwords for and infects victims’ friends on Discord. Detected as AnarchyGrabber3, the new trojan variant modified the Discord client’s %AppData%Discordmodulesdiscord_desktop_coreindex.js file upon successful installation. This process gave the...
Forescout files lawsuit against Advent for withdrawal of merger plans due to COVID-19
Advent says the pandemic has resulted in “material” changes at Forescout. The company disagrees.
How To Achieve Balance Between Cybersecurity And The User Experience
Usability and security go hand in hand. If you have usability, then by default, you should have security designed into it.
