Upcoming Webinar
Understand How Your Peers Approach AD Forest Recovery
Join this webinar and not only learn about what your peers are doing, but also learn about a new patent-pending modern approach to AD forest recovery from Cayosoft.
New episode!
Unlocking the Secrets of App Security!
In this episode of UnplugIT, Stephen Rose talks to IT expert and technology engineer Sean Hurley about how to secure apps in the cloud.
Essential Eight + Microsoft 365 Backup Compliance
This download allows you to demonstrate exactly how the technology you use keeps customers covered and compliant.
UK Ransomware Guidelines + M365 Backup Compliance
This download allows you to demonstrate exactly how the technology you use keeps customers covered and compliant.

CISA Issues Advisory on Critical File Transfer Flaw in Citrix ShareFile

Key Takeaways:

US Cybersecurity and Infrastructure Security Agency (CISA) has raised a red flag about a critical vulnerability in Citrix ShareFile.
The flaw could be exploited by an unauthenticated attacker to compromise cloud-based Citrix ShareFile storage zones controllers.
CISA has directed all federal agencies to apply patches for the vulnerability by September 6, 2023.

US Cybersecurity and Infrastructure Security Agency (CISA) has warned about a critical vulnerability present in Citrix ShareFile. CISA has mandated that all federal agencies undertake necessary measures to apply patches for the security flaw by September 6, 2023.

Citrix ShareFile is a cloud-based file sharing and storage platform that enables organizations to securely store, sync, and share files and documents. The service provides a secure environment to manage and share files with internal and external users. Citrix ShareFile offers several features such as access controls, file synchronization, audit trails, encryption, as well as integration with different productivity tools.

Citrix researchers first disclosed the security vulnerability (tracked as CVE-2023-24489) back in June 2023. It ranks 9.8 out of 10.0 on the CVSS scale, making it critical in severity. The researchers warned that the flaw could let an unauthenticated attacker remotely compromise the cloud-based Citrix ShareFile storage zones controllers. The tool allows organizations to store and manage files in on-premises environments.

CISA Issues Advisory on Critical File Transfer Flaw in Citrix ShareFile

GreyNoise detects a spike in attacker activity

The Threat intelligence startup GreyNoise observed a significant spike in exploitation activity this week. As it turns out, the hackers can exploit a design flaw in the implementation of ShareFile’s AES encryption to target businesses.

“Attackers can exploit this vulnerability by taking advantage of errors in ShareFile’s handling of cryptographic operations. The application uses AES encryption with CBC mode and PKCS7 padding but does not correctly validate decrypted data.” GreyNoise explained. “This oversight allows attackers to generate valid padding and execute their attack, leading to unauthenticated arbitrary file upload and remote code execution.”

GreyNoise has published proof of concept (PoC) exploits for the vulnerability on GitHub. It’s recommended that organizations should upgrade to the latest version to prevent hackers from leveraging the flaw in future attacks.

by Rabia Noureen
Aug 18, 2023

Rabia comes from a solid IT background and has been writing professionally about Microsoft products and other technology for four years. Rabia has also written for OnMSFT.com as well as Windows Report. She is always up to date on the latest trends in...

Streamlining SaaS Governance: How Nudge Security Simplifies Compliance and Security Management for Cloud Apps

Oct 30, 2023
Nov 03, 2023
Webinar: Learn How to Keep Critical Web Apps Online and Sensitive Data Secure

May 9, 2023
The Ultimate Guide to Web Application Firewalls (WAF)

Jun 20, 2023

Take our survey

PETRI NEWSLETTERS

Join Petri Insider

Create a free account today to participate in forum conversations, comment on posts and more.