
The Cyber Security News


Alert: PoC Exploits Released for Citrix and VMware Vulnerabilities

October 25, 2023

Virtualization services provider VMware has alerted customers to the existence of a proof-of-concept (PoC) exploit for a recently patched security flaw in Aria Operations for Logs.

Tracked as CVE-2023-34051 (CVSS score: 8.1), the high-severity vulnerability relates to a case of authentication bypass that could lead to remote code execution.

“An unauthenticated, malicious actor can inject documents into the running process of impacted equipment which can result in remote code execution,” VMware observed in an advisory on October 19, 2023.


James Horseman from Horizon3.ai and the Randori Attack Team have been credited with identifying and reporting the flaw.

Horizon3.ai has since made a PoC for the vulnerability available, prompting VMware to revise its advisory this week.

It’s worth noting that CVE-2023-34051 is a patch bypass for a set of critical flaws that VMware addressed earlier this January and that could expose users to remote code execution attacks.


“This patch bypass would not be pretty challenging for an attacker to find,” Horseman stated. “This attack highlights the relevance of defense in depth. A defender cannot usually have faith that an official patch totally mitigates a vulnerability.”

The disclosure comes as Citrix released an advisory of its own, urging customers to apply fixes for CVE-2023-4966 (CVSS score: 9.4), a critical security vulnerability affecting NetScaler ADC and NetScaler Gateway that has come under active exploitation in the wild.

“We now have reports of incidents consistent with session hijacking, and have obtained credible studies of targeted attacks exploiting this vulnerability,” the firm said this week, corroborating a report from Google-owned Mandiant.

The exploitation attempts are also likely to ramp up in the coming days given the availability of a PoC exploit, dubbed Citrix Bleed.

“Below we observed a fascinating instance of a vulnerability induced by not completely understanding snprintf,” Assetnote researcher Dylan Pindur explained.


“Even though snprintf is recommended as the safe model of sprintf it is however crucial to be cautious. A buffer overflow was averted by applying snprintf but the subsequent buffer over-read was nevertheless an issue.”
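The snprintf pitfall described above, as an added C example that is not code from the article, Assetnote or Citrix: snprintf returns the length the complete output would have had, not the number of bytes stored, so using that value as a send length reads past the buffer when the output was truncated. The function names, the `name=%s` format and the 64-byte buffer are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed illustration; the format string and sizes are assumptions. */

/* Unsafe pattern: treats snprintf's return value as "bytes stored".
 * On truncation the value exceeds cap, so a later write(fd, buf, len)
 * would disclose memory that follows buf (a buffer over-read). */
size_t response_len_unsafe(char *buf, size_t cap, const char *name)
{
    int n = snprintf(buf, cap, "name=%s\n", name);
    return n < 0 ? 0 : (size_t)n;
}

/* Hardened pattern: a negative return is an encoding error and a return
 * >= cap means truncation; in both cases refuse to produce a length. */
int response_len_checked(char *buf, size_t cap, const char *name,
                         size_t *out_len)
{
    int n = snprintf(buf, cap, "name=%s\n", name);
    if (n < 0 || (size_t)n >= cap) {
        *out_len = 0;
        return -1;              /* caller should reject the request */
    }
    *out_len = (size_t)n;       /* now guaranteed to be < cap */
    return 0;
}

int main(void)
{
    char buf[64];
    char long_name[201];        /* constructed oversized input */
    size_t len;

    memset(long_name, 'a', sizeof long_name - 1);
    long_name[sizeof long_name - 1] = '\0';

    printf("unsafe length: %zu, buffer size: %zu, bytes stored: %zu\n",
           response_len_unsafe(buf, sizeof buf, long_name),
           sizeof buf, strlen(buf));
    printf("checked (long input): rc=%d\n",
           response_len_checked(buf, sizeof buf, long_name, &len));
    printf("checked (short input): rc=%d len=%zu\n",
           response_len_checked(buf, sizeof buf, "alice", &len), len);
    return 0;
}
```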

The active exploitation of CVE-2023-4966 has prompted the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to add it to the Known Exploited Vulnerabilities (KEV) catalog, requiring federal agencies in the U.S. to apply the latest patches by November 8, 2023.

The latest developments also follow the release of updates for three critical remote code execution vulnerabilities in SolarWinds Access Rights Manager (CVE-2023-35182, CVE-2023-35185, and CVE-2023-35187, CVSS scores: 9.8) that remote attackers could use to run code with SYSTEM privileges.



Some parts of this article are sourced from:
thehackernews.com

Copyright © TheCyberSecurity.News, All Rights Reserved.