How to Respond to CVE-2023-24489 Impacting Citrix ShareFile - UpGuard - #CVE-2023-24489
A new vulnerability, called CVE-2023-24489, was discovered in Citrix ShareFile that could allow remote attackers to gain unauthorized access and execute remote code on affected systems. The vulnerability impacts Citrix ShareFile StorageZones Controller version 5.11.24 and below, which offers cloud file sharing services. The vulnerability arises from improper access control that enables attackers to access systems without authentication. Remote attackers can exploit this vulnerability to achieve remote code execution by manipulating cryptographic operations in ShareFile to generate payloads the system accepts as valid. To remediate this, Citrix released a security update for ShareFile StorageZones Controller urging customers to immediately upgrade from version 5.11.24 and below.