In this week's Security Advisory:
Proof-of-concept exploit code is now publicly available for two Citrix Session Recording vulnerabilities, CVE-2024-8068 (CVSS 5.1/10) and CVE-2024-8069 (CVSS 5.1/10). The first allows an authenticated user to escalate privileges to those of the NetworkService account; the second allows an authenticated user limited remote code execution with the privileges of that account. Both require an attacker who is already authenticated in the same Windows Active Directory domain as the Session Recording server, which is why the CVSS scores are moderate despite the public exploit. Exploitation in the wild has not been confirmed, but with a working proof of concept available, upgrading promptly is recommended to mitigate that risk.
Affected Versions
More Reading/Information
BeyondTrust has released a patch for a critical-severity vulnerability, CVE-2024-12356 (CVSS 9.8/10), in its Privileged Remote Access (PRA) and Remote Support (RS) products. The flaw is a command injection that allows a remote, unauthenticated attacker to execute operating-system commands on the underlying host. BeyondTrust has applied the patch to all cloud-hosted instances; on-premises customers who do not have automatic updates enabled have not received it and must apply the patch manually. This vulnerability has been exploited in the wild, so on-premises deployments should be patched immediately and reviewed for signs of compromise.
Affected Versions
More Reading/Information
Apple has released updates for a range of its products addressing forty-eight (48) newly disclosed vulnerabilities, many of which could allow arbitrary code execution. There are currently no reports of any of these vulnerabilities being exploited in the wild.
Affected Versions
More Reading/Information
Please review your environment to ensure the issues above are patched in a timely manner. It is security best practice to keep software updated to the latest vendor-supported versions. The vulnerabilities above highlight the benefit of limiting deployed software to vendor-supported versions only: it greatly increases the likelihood that a fix will be available when a new vulnerability is disclosed. Likewise, Cybersafe strongly encourages maintaining an inventory of the software running in your environment, which both informs and helps verify your patch and vulnerability management program.