Citrix Released Security Updates For Multiple Products, Including Sharefile Storage Zones And Citrix Virtual Apps And Desktops

Published : 22/06/2023

Reference:
Advisory #2023-71

Version:
2.0

Affected software:
All currently supported versions of customer-managed ShareFile storage zones controller before version 5.11.24
Virtual Delivery Agents for Windows or Linux used by Citrix Virtual Apps and Desktops and Citrix DaaS

Type:
Remote Code Execution (RCE)

CVE/CVSS:

CVE-2023-24489 / CVSS 3.1 score: 9.1
CVE-2023-24490 / CVSS 3.1 score: 6.3 (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L)


Risks

One of the vulnerabilities patched by Citrix, CVE-2023-24489, if exploited, could allow an unauthenticated attacker to remotely compromise the customer-managed ShareFile storage zones controller. The exploitation of the vulnerability would have a high impact on the Confidentiality, Integrity, and Availability of the affected systems.
 
Another vulnerability patched, CVE-2023-24490, would allow a user having only limited access to launch VDA applications, to elevate privileges and to launch an unauthorized desktop.
 
Update: A Proof of Concept for exploiting CVE-2023-24489 has been released on GitHub (https://github.com/adhikara13/CVE-2023-24489-ShareFile) and allows for mass exploitation. This increases the risk of exploitation significantly.

Description

CVE-2023-24489 is an improper resource control vulnerability discovered in the customer-managed ShareFile storage zones controller. The vulnerability has a CVSS score of 9.1 and was classified as “critical”.
 
Affected products:
This vulnerability affects all currently supported versions of customer-managed ShareFile storage zones controller before version 5.11.24.
 
CVE-2023-24490 is an improper access control vulnerability that impacts Citrix Virtual Apps and Desktops and Virtual Delivery Agent in Windows and Linux.
 
Affected products:
This vulnerability affects the following supported versions of the Virtual Delivery Agent:
  1. Windows Virtual Delivery Agent:
    • Citrix Virtual Apps and Desktops versions before 2305
    • Long Term Service Release (LTSR):
      • Citrix Virtual Apps and Desktops 2203 LTSR before CU3
      • Citrix Virtual Apps and Desktops 1912 LTSR before CU7
  2. Linux Virtual Delivery Agent:
    • Linux Virtual Delivery Agent versions before 2305
    • Long Term Service Release (LTSR):
      • Linux Virtual Delivery Agent 2203 LTSR before CU3
      • Linux Virtual Delivery Agent 1912 LTSR before CU7 hotfix 1 (19.12.7001)
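As an added defender-side example (not part of this advisory and not a Citrix tool), the following Python encodes the affected-version rules above so that an inventory of customer-managed ShareFile storage zones controller and VDA builds can be triaged against them; the inventory records, host names and the build fields (release, CU, hotfix) are constructed assumptions about how such data is recorded.

```python
# Added example (not a Citrix tool): check recorded builds against the affected ranges above.
SZC_FIXED = (5, 11, 24)             # customer-managed ShareFile SZC fixed in 5.11.24
LTSR_FIXED_CU = {2203: 3, 1912: 7}  # VDA LTSR branches fixed in CU3 / CU7
VDA_CR_FIXED = 2305                 # VDA Current Release branch fixed in 2305

def parse_version(text):
    """'5.11.23' -> (5, 11, 23); tuple comparison orders dotted versions."""
    return tuple(int(p) for p in text.strip().split("."))

def sharefile_szc_affected(version, sharefile_managed=False):
    """CVE-2023-24489: customer-managed SZC before 5.11.24; cloud zones need no action."""
    if sharefile_managed:
        return False
    return parse_version(version) < SZC_FIXED

def vda_affected(platform, release, cu=None, hotfix=0):
    """CVE-2023-24490 for a Windows/Linux VDA build. release is the YYMM build
    (2203 and 1912 are LTSR, others Current Release); cu is the LTSR cumulative
    update; hotfix is the hotfix level applied on top of that CU."""
    platform = platform.lower()
    if platform not in ("windows", "linux"):
        raise ValueError(f"unknown VDA platform: {platform}")
    if release in LTSR_FIXED_CU:
        fixed_cu = LTSR_FIXED_CU[release]
        if cu is None or cu < fixed_cu:
            return True
        # Linux 1912 LTSR needs CU7 hotfix 1 (19.12.7001); plain CU7 is still affected.
        return platform == "linux" and release == 1912 and cu == fixed_cu and hotfix < 1
    return release < VDA_CR_FIXED

def triage(inventory):
    """Names of inventory entries whose recorded build is still affected."""
    hits = []
    for h in inventory:
        if h["product"] == "sharefile_szc":
            hit = sharefile_szc_affected(h["version"], h.get("sharefile_managed", False))
        else:
            hit = vda_affected(h["platform"], h["release"], h.get("cu"), h.get("hotfix", 0))
        if hit:
            hits.append(h["name"])
    return hits

SAMPLE_INVENTORY = [  # constructed sample inventory (hypothetical hosts, not real systems)
    {"name": "szc-01", "product": "sharefile_szc", "version": "5.11.23"},
    {"name": "szc-02", "product": "sharefile_szc", "version": "5.11.24"},
    {"name": "vda-w-01", "product": "vda", "platform": "windows", "release": 2303},
    {"name": "vda-w-02", "product": "vda", "platform": "windows", "release": 2203, "cu": 3},
    {"name": "vda-l-01", "product": "vda", "platform": "linux", "release": 1912, "cu": 7},
]
```

Running `triage(SAMPLE_INVENTORY)` flags szc-01, vda-w-01 and vda-l-01; the last one shows why the Linux 1912 LTSR line matters, since CU7 without hotfix 1 is still affected.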
 

Recommended Actions

To address these vulnerabilities, Citrix advises users to upgrade to:
  • ShareFile storage zones controller version 5.11.24 or any later version, which contain the patch (https://www.citrix.com/downloads/sharefile/product-software/sharefile-storagezones-controller-511.html). Customers using ShareFile-managed storage zones in the cloud do not need to take any action.
  • the Windows and Linux Virtual Delivery Agents that contain the fixes (https://www.citrix.com/downloads/citrix-virtual-apps-and-desktops/).
In case of an intrusion, you can report an incident via: https://ccb.belgium.be/cert/report-incident
