Citrix said that it anticipates malicious actors will move quickly to exploit two critical flaws in its mobile device management software. The flaws exist in Citrix Endpoint Management (CEM), often referred to as XenMobile Server, which enables businesses to manage employees mobile devices and mobile applications. If exploited, the flaws could allow remote, unauthorized attackers to access domain account credentials ultimately opening the door to a treasure trove of corporate data, including email and web applications.
Source: https://threatpost.com/citrix-warns-of-critical-flaws-in-xenmobile-server/158293/