Rewterz

Rewterz Threat Alert – Phishing Emails Targeting Banks in Pakistan

September 18, 2020
Rewterz

Rewterz Threat Advisory – CVE-2020-8247 – Citrix Application Delivery Controller privilege escalation

September 21, 2020

Rewterz Threat Advisory – CVE-2020-8246 – Citrix Application Delivery Controller denial of service

Severity

High

Analysis Summary

Citrix Application Delivery Controller, Citrix Gateway and Citrix SD-WAN WANOP appliance models are vulnerable to a denial of service, caused by an error in the management network. An attacker could exploit this vulnerability to consume all available resources.

Impact

Denial of service

Affected Vendors

Citrix

Affected Products

  • Citrix Gateway 11.1
  • Citrix Gateway 12.1
  • Citrix Gateway 13.0
  • Citrix Application Delivery Controller (ADC) 11.1
  • Citrix Application Delivery Controller (ADC) 12.1
  • Citrix Application Delivery Controller (ADC) 13.0
  • Citrix SD-WAN WANOP 11.0
  • Citrix SD-WAN WANOP 11.1
  • Citrix SD-WAN WANOP 10.0

Remediation

Refer to CTX281474 for patch, upgrade or suggested workaround information.

https://support.citrix.com/article/CTX281474

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.