Citrix NetScaler Under Siege: Significant Increase in Brute Force Attacks Observed (CVE-2024-8068)
Citrix has faced multiple critical vulnerabilities in its Virtual Apps and Desktops, NetScaler ADC, and NetScaler Gateway products throughout 2024. Notable among these are CVE-2024-8068 and CVE-2024-8069, which allow for privilege escalation and potential remote code execution. These vulnerabilities, discovered by watchTowr Labs, involve misconfigured Microsoft Message Queuing instances and insecure deserialization methods. Although Citrix initially classified the issues as requiring authentication, security researchers argue they may be more severe, potentially allowing unauthenticated attacks. Additionally, CVE-2024-8534 and CVE-2024-8535 have been linked to a surge in brute-force attacks on Citrix NetScaler devices, particularly in Germany. Citrix has released patches and hotfixes for these vulnerabilities, urging users to update their systems immediately to mitigate risks.