The US Cybersecurity and Infrastructure Security Agency (CISA) has warned that a Citrix flaw patched in June is being actively exploited in the wild.
CVE-2023-24489 was added to the agency's Known Exploited Vulnerabilities Catalog yesterday, with CISA warning it poses "significant risks to the federal enterprise."
The flaw is described as an improper access control vulnerability in Citrix ShareFile (aka Citrix Content Collaboration). If exploited, it "could allow an unauthenticated attacker to remotely compromise the customer-managed ShareFile storage zones controller," CISA said.
Citrix released an advisory on the critical severity bug, which has a CVSS score of 9.1, on June 13.
"This vulnerability affects all currently supported versions of customer-managed ShareFile storage zones controller before version 5.11.24," it said when releasing the update.
Citrix Content Collaboration is software that enables enterprise file sync and sharing. Its storage zones controller feature allows customers to extend these file sharing capabilities to private data storage in order to meet regulatory requirements.
"The storage zones that you maintain can reside in your on-premises single-tenant storage system or in supported third-party cloud storage. This includes Amazon S3 and Windows Azure," Citrix explains.
"Storage zones controller also provides users with secure access to SharePoint sites and network file shares through storage zone connectors. Storage zone connectors enable you to provide secure mobile access to data residing behind your corporate firewall without the need to migrate data to the cloud."
File sharing services have become a popular target for ransomware groups in recent years, with the Clop group in particular exploiting zero-day vulnerabilities in MOVEit, and earlier in Accellion and GoAnywhere products, to devastating effect.
That is why CISA has directed all federal civilian agencies to patch the vulnerability by September 6. Private enterprises are encouraged to follow suit.