Tenable Research has discovered a current vulnerability in Citrix - specifically in Citrix ShareFile. If this vulnerability is exploited, an attacker could steal credentials or tokens, execute code in the context of the victim's browser, or perform a variety of other malicious actions.
Despite the potential consequences of the vulnerability, Citrix has chosen not to release any information about this issue or notify customers after the issue has been patched. Customers are completely dependent on the cloud providers to fix the reported issues and must have blind faith that the vulnerabilities have been fixed with due diligence.
With this lack of transparency, software vendors are doing their customers a disservice, leaving them in the dark about the risks they are facing before the patches are released. The practice of silent patching by cloud service providers complicates risk assessment and creates new challenges for security teams to understand the risks of their cloud environments. Even after a patch has been released, potentially affected customers may not be aware that malicious activity has taken place.
Ransomware groups such as CL0P target file transfer applications such as Fortra's GoAnywhere Managed File Transfer (MFT) and Progress Software's MOVEit Transfer MFT. Therefore, protecting these solutions and identifying potential attack vectors are critical to success in order to stay ahead of opportunistic attackers.
More at Tenable.com
About Tenable Tenable is a Cyber Exposure company. Over 24.000 companies worldwide trust Tenable to understand and reduce cyber risk. Nessus inventors have combined their vulnerability expertise in Tenable.io, delivering the industry's first platform that provides real-time visibility into and secures any asset on any computing platform. Tenable's customer base includes 53 percent of the Fortune 500, 29 percent of the Global 2000, and large government agencies.