The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a vital safety flaw in Citrix ShareFile storage zones controller to its Known Exploited Vulnerabilities (KEV) catalog. Tracked as CVE-2023-24489, the flaw permits unauthenticated attackers to compromise susceptible cases remotely. The vulnerability stems from ShareFile’s dealing with of cryptographic operations, enabling adversaries to add arbitrary information and obtain distant code execution. The first indicators of exploitation emerged in July 2023, with the risk actors behind the assaults remaining unknown. Notably, the Cl0p ransomware gang has beforehand focused zero-day vulnerabilities in managed file switch options. Threat intelligence agency GreyNoise noticed a spike in exploitation makes an attempt concentrating on the Citrix ShareFile flaw on August 15, 2023.
Federal Civilian Executive Branch (FCEB) companies have been mandated to apply vendor-provided fixes to remediate the vulnerability by September 6, 2023. Another vital vulnerability affecting Citrix NetScaler merchandise, CVE-2023-3519, has additionally been actively exploited to deploy PHP net shells on compromised home equipment and acquire persistent entry.
Source hyperlink