October 3, 2023

Researchers have spotted the exploitation of a recent critical remote code execution (RCE) vulnerability in Citrix Sharefile, a cloud based file sharing and collaboration solution.

Tracked as CVE-2023-24489 with a CVSS score of 9.1 was the result of errors leading to unauthenticated file upload, which could then be exploited to obtain Remote Code Execution.

An internet scan has resulted in the findings that about 6000 ShareFile instances are accessible publicly , potentially making it a popular target for attackers, given that it might store sensitive data which will be considered as a biggest impact.

Advertisements

Citrix patched the flaw in June 2023 with the release of ShareFile storage zones controller version 5.11.24, warning that it could lead to full application compromise.

Earlier this month, a working proof-of-concept (PoC) code targeting the vulnerability and additional PoC exploits have since been released by researchers from Assetnote, increasing the likelihood of in-the-wild exploitation.

Now, another firm, Graynoise, has created a tag for CVE-2023-24489 to track in-the-wild exploitation, and the first exploit attempts were logged.

Citrix ShareFile customers using storage zones controllers are advised to update their installations as soon as possible.

Tags:

Leave a Reply

You may have missed

Industrial Control Systems and Vulnerability Management Process

October 2, 2023

McLaren Healthcare suffers a Ransomware Incident

October 2, 2023

TheCyberThrone CyberSecurity Newsletter Top 5 Articles – September, 2023

October 2, 2023

TheCyberThrone Security Week In Review – September 30, 2023

October 1, 2023

Mozilla fixes CVE-2023-5217 Vulnerability in its Products

September 30, 2023

CISA KEV Update Part III – September 2023

September 30, 2023
%d bloggers like this: