Get a Pentest and security assessment of your IT network.

Cyber Security

Known Citrix Workspace Bug Open to New Attack Vector

A Citrix Workspace vulnerability that was fixed in July has been found to have a secondary attack vector, which would allow cybercriminals to elevate privileges and remotely execute arbitrary commands. The bug (CVE-2020-8207), exists in the automatic update service of the Citrix app for Windows. It could allow local privilege-escalation as well as remote compromise of a computer running the app when Windows file sharing (SMB) is enabled, according to Citrix advisory. Researchers at Pen Test Partners found the bug still allows attackers to abuse Citrix-signed MSI installers, which are signed and hashed to prevent modification.

Source: https://threatpost.com/citrix-workspace-new-attack/159459/

Related posts
Cyber Security

Zip Codes & PII: Are They Personal Data?

Cyber Security

Zero-Day Vulnerabilities: User Defence Guide

Cyber Security

Zero Knowledge Voting with Trusted Server

Cyber Security

ZeroNet: 51% Attack Risks & Mitigation