Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Citrix

CVE-2022-27511 - Critical Vulnerability in Citrix Application Delivery Management

On Tuesday, June 14, 2022, Citrix released patches for multiple vulnerabilities, including CVE-2022-27511, an unauthenticated remote privilege escalation vulnerability affecting Citrix Application Delivery Management (ADM). The vulnerability allows an unauthenticated user to remotely corrupt an affected system to reset the administrator password at the next device reboot.

PROPHET SPIDER Exploits Citrix ShareFile Remote Code Execution Vulnerability CVE-2021-22941 to Deliver Webshell

At the start of 2022, CrowdStrike Intelligence and CrowdStrike Services investigated an incident in which PROPHET SPIDER exploited CVE-2021-22941 — a remote code execution (RCE) vulnerability impacting Citrix ShareFile Storage Zones Controller — to compromise a Microsoft Internet Information Services (IIS) web server. The adversary exploited the vulnerability to deploy a webshell that enabled the downloading of additional tools.

CurrentWare is Verified as Citrix Ready!

CurrentWare’s suite of user activity monitoring, web filtering, device control, and remote PC power management software has been verified as Citrix Ready®. The Citrix Ready program helps users of Citrix Virtual Apps and Desktops (formerly Citrix XenApp and XenDesktop) identify third-party solutions that are verified as compatible with a Citrix VDI deployment.

How to record, log and audit any Microsoft Hyper-V, VMware Horizon, and Citrix session with EKRAN

Ekran System® can help you to organize virtual desktop monitoring and user session recording in environments like VMware Horizon, Microsoft Hyper-V, or Citrix. In addition to Citrix session recording, Ekran System delivers a comprehensive set of identity and access management features, real-time alerting, and incident response tool sets.