Top News

Critical Vulnerability in Citrix uberAgent: Update to Prevent Privilege Escalation

KaiRiz 0




A significant vulnerability tracked as CVE-2024-3902, has been found in Citrix uberAgent, a monitoring tool for Citrix platforms. This flaw could allow attackers with network access to escalate their privileges, posing a severe risk to organizations using affected software versions. Citrix has issued an advisory for customers to update their software to version 7.1.2 or later immediately to mitigate this risk.

The vulnerability affects Citrix uberAgent versions before 7.1.2 and arises in specific configurations. It allows attackers to exploit uberAgent's data collection features, leading to possible privilege escalation. This occurs when there's at least one CitrixADC_Config entry combined with certain metrics like CitrixADCPerformance, CitrixADCvServer, CitrixADCGateways, or CitrixADCInventory. Additionally, for uberAgent versions 7.0 to 7.1.1, the vulnerability is triggered if WmiProvider is set to PowerShell with at least one CitrixSession metric configured.

Citrix recommends that customers using affected versions update to 7.1.2 or later immediately. If an update isn't possible, Citrix suggests disabling all Citrix ADC metrics by removing specific timer properties and changing the WmiProvider setting from PowerShell to WMIC or ensuring it's not configured. These steps can reduce the risk of exploitation until the software can be updated.

Customers should download and install the updated version of Citrix uberAgent from the company's website. Citrix has set up support channels for technical assistance and encourages customers to subscribe to security alerts to stay informed about any new security bulletins.

Citrix is working closely with customers and channel partners to resolve this issue. The company thanks Daniel Bachmann of Raiffeisen Schweiz for identifying the vulnerability and emphasizing the importance of collaborative security efforts. Citrix encourages customers to report any other potential security issues to ensure a swift response.

This vulnerability underscores the importance of regularly updating software to maintain security. Organizations using Citrix uberAgent should act swiftly to protect their systems by updating to the latest version or applying the recommended mitigation measures.


Hifza Eman

Content Writer

KaiRiz Cyber Technologies (SMC-Private Limited)

Tags

KaiRiz

KaiRiz Cyber Technologies: Your Trusted Partner in Cybersecurity In 2023, we embarked on a journey with a singular goal: to champion cybersecurity awareness, providing students and companies with the knowledge and tools needed to thrive in a digital age fraught with risks. Our core services include secure IT products, penetration testing, digital forensics for industrial firms, and training courses, all designed to fortify digital landscapes and empower the next generation of cyber defenders. At KaiRiz Cyber Technologies, we're your ally in a secure digital world.

Post a Comment

Post a Comment

Previous Post Next Post