Citrix has released patches for critical-severity vulnerabilities in its Secure Access client for Ubuntu and Windows. The Ubuntu vulnerability, tracked as CVE-2023-24492, requires user interaction to exploit and could lead to remote code execution. The Windows vulnerability, tracked as CVE-2023-24491, allows an attacker with access to an endpoint and a vulnerable client to elevate privileges. Customers are advised to update their installations, and further details can be found on Citrix’s security bulletins page. There is no indication of the vulnerabilities being exploited in attacks at this time.
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.