Citrix, watchTowr clash on new RCE-enabling Citrix Virtual Apps and Desktops flaws

13 November 2024

Such issues have stemmed from a misconfigured Microsoft Message Queuing instance leveraging BinaryFormatter, which Microsoft has warned against amid the emergence of deserialization vulnerabilities, according to the watchTowr report. While Citrix has emphasized the issue as an authenticated RCE, which requires execution as a NetworkService Account, the firm was noted by watchTowr researchers to have been “downplaying”

Source: SC Magazine

Date:

13 November 2024

Categorie(s):

NEWS

Tag(s):

Apps, Citrix, Desktops, Mobile, Virtual

How Ransomware Jeopardizes Healthcare Organizations17 November 2024
Are Identity Theft Protection Services Worth the Money? It’s Complicated17 November 2024
Week in review: Microsoft patches actively exploited 0-days, Amazon and HSBC employee data leaked17 November 2024
Google’s Gemini AI Chatbot Keeps Telling Users to Die16 November 2024
Cybersecurity Flaws in US Drinking Water Systems Put 26 Million at Risk16 November 2024