
Critical Citrix ADM vulnerability creates means to reset admin passwords

Citrix has patched a critical vulnerability in its Application Delivery Management (ADM) technology that, if left unresolved, creates a means for remote attackers to reset admin passwords.

The improper access control vulnerability (CVE-2022-27511) created a risk that a remote, unauthenticated user could not only crash a system via a denial-of-service (DoS) exploit, but go on to reset the admin credentials on the next reboot.

An advisory issued by Citrix last week explains that the vulnerability could be abused to trigger the “reset of the administrator password at the next device reboot, allowing an attacker with SSH [Secure Shell] access to connect with the default administrator credentials after the device has rebooted”.

Access granted

The particulars of the issue turn what would normally be a system corruption problem into a much more severe vulnerability, with a severity akin to that of an unauthenticated remote code execution (RCE) flaw.

Another, less severe vulnerability (CVE-2022-27512) creates a means to temporarily disrupt the ADM license service.

All supported versions of Citrix ADM server and Citrix ADM agent are affected by the vulnerabilities, which were both discovered by security researchers from German firm Code White.

Citrix urged enterprise sysadmins to upgrade to the most recent versions of its technology – Citrix ADM 13.1-21.53, Citrix ADM 13.0-85.19, or subsequent releases.
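A defender-side triage check for the remediation versions above, written as an added example for this article (it is not Citrix's or Code White's code). It assumes the major.minor-build.sub version format shown on the page and that only the 13.0 and 13.1 branches are covered by the two fixed releases, so any other branch is reported as unknown rather than safe.

```python
import re

# First fixed release on each branch, as named in the article
# ("or subsequent releases" means anything >= these on the same branch).
FIXED_BUILDS = {
    (13, 1): (21, 53),   # Citrix ADM 13.1-21.53
    (13, 0): (85, 19),   # Citrix ADM 13.0-85.19
}

# Assumed format: major.minor-build.sub, as in '13.1-21.53'.
VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)-(\d+)\.(\d+)\s*$")

def parse_version(text):
    """Return ((major, minor), (build, sub)) or None if unparsable."""
    m = VERSION_RE.match(text)
    if not m:
        return None
    major, minor, build, sub = (int(g) for g in m.groups())
    return (major, minor), (build, sub)

def patch_status(text):
    """Classify an ADM version as 'fixed', 'vulnerable' or 'unknown'.

    'unknown' covers unparsable strings and branches the advisory does not
    list; treat those as needing manual confirmation, not as safe.
    """
    parsed = parse_version(text)
    if parsed is None:
        return "unknown"
    branch, build = parsed
    fixed = FIXED_BUILDS.get(branch)
    if fixed is None:
        return "unknown"
    # Tuple comparison orders by build first, then sub-build.
    return "fixed" if build >= fixed else "vulnerable"

def triage(inventory):
    """Map hostname -> status for a dict of hostname -> reported version."""
    return {host: patch_status(ver) for host, ver in inventory.items()}

if __name__ == "__main__":
    # Constructed sample inventory, not real hosts.
    sample = {
        "adm-prod-01": "13.1-21.53",
        "adm-prod-02": "13.1-17.42",
        "adm-lab-01": "13.0-84.11",
        "adm-old-01": "12.1-65.25",
        "adm-broken": "n/a",
    }
    for host, status in sorted(triage(sample).items()):
        print(f"{host:12} {sample[host]:12} {status}")
```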

An advisory from the US Cybersecurity and Infrastructure Security Agency warns that an “attacker could exploit these vulnerabilities to take control of an affected system”, emphasizing the seriousness of the potential risk.

The Daily Swig contacted the researchers at Code White, who declined to comment further at this time, adding they had no immediate plans to release any blog post or technical write-up.

Citrix ADM is a web-based technology for managing Citrix deployments in the cloud or on-premises. Although best known for thin-client computing, Citrix these days offers a range of networking products that improve the delivery speed and quality of apps served to end users. This functionality is delivered through load balancing and web app acceleration technologies.

Source: https://portswigger.net/daily-swig/critical-citrix-adm-vulnerability-creates-means-to-reset-admin-passwords


Copyright © 2023 Newsworthy News | Global | Political | Local | All News | Website By: Top Search SEO
