Citrix Bleed Bug: A Critical Vulnerability in Widespread Use
Although a patch has been available for three weeks, ransomware attackers are exploiting a vulnerability that allows them to bypass multifactor authentication and access enterprise networks that use Citrix hardware.
What exactly is Citrix Bleed?
CVE-2023-4966, a vulnerability in Citrix’s NetScaler Application Delivery Controller and NetScaler Gateway, has been actively exploited since August. It has a severity rating of 9.4 out of a possible 10, which is quite high for a simple information-disclosure flaw.
According to some estimates, 20,000 smartphones have already been compromised. The reason is that the disclosed information may contain session tokens, which the hardware assigns to devices that have already successfully provided credentials, including those providing MFA.
Attacks on the rise
Attacks have recently increased, prompting security researcher Kevin Beaumont to write on Saturday, “This vulnerability is now under mass exploitation.” He went on to describe the situation as follows: “From talking to multiple organizations, they are seeing widespread exploitation.”
He stated that as of
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents