Citrix and SAP have released fixes for a new round of bugs in their software products and urged customers to apply them as soon as possible.
In a security update, Citrix said that it is patching five vulnerabilities in Citrix Endpoint Management (CEM), also known as the XenMobile enterprise mobility management solution, which enable customers to remotely connect to corporate networks using their mobile devices.
Attackers could use the bugs (indexed as CVE-2020-8208, -8209, -8210, -8211 and -8212) to gain control of a mobile server and steal sensitive information, the company said.
Positive Technologies' researcher Andrey Medov, who discovered one of the flaws during a security audit for a customer, warned that exploiting just one bug could allow an attacker to steal the credentials of a domain account for a corporate network. Following that, the attacker could attempt to target other resources like web applications and corporate mail.
According to Citrix, the following versions of CEM are affected by critical vulnerabilities:
- XenMobile Server before 10.9 RP5
- XenMobile Server 10.10 before RP6
- XenMobile Server 10.11 before RP4
- XenMobile Server 10.12 before RP2
While there are no reports of threat actors exploiting the bugs, the company said that it anticipates attackers will move quickly to do so.
The firm also advised customers to use a version prior to 10.9.x, or to immediately upgrade to a supported version (10.12 being the latest).
SAP also released its security update for August on Tuesday, urging users to immediately patch vulnerabilities in many of its products.
The company said it was updating its July 2020 Patch Day security note for a critical RECON bug, with a flaw that could allow an unauthenticated attacker to gain access to various folders in the directory structure.
The RECON bug, indexed as CVE-2020-6287, was publically disclosed last month. Pablo Artuso, the researcher who discovered the flaw, said that it affects the SAP NetWeaver Application Server (AS) Java component LM Configuration Wizard, and affects more than 40,000 SAP customers.
The vulnerability could enable a remote, unauthenticated attacker to gain control of SAP applications and steal or alter data, after exploiting the flaw through the Hypertext Transfer Protocol (HTTP), he said.
"Because it resides in a common layer, it means that several SAP products are vulnerable — not only internet-facing products, but also ones that are highly connected with other SAP systems such as Solution Manager," Pablo Artuso warned.
The US Cybersecurity and Infrastructure Security Agency also advised admins to closely monitor their SAP NetWeaver AS for any anomalous activity.
Seventeen bugs are rated as "critical" meaning they can be easily exploited by hackers to gain full control of a vulnerable machine
Smaug RaaS makes it easy for threat actors to use ransomware to achieve their objectives
Huawei used outdated software in the centre, it claims
Attackers could use the bugs to listen to audio in a device's surroundings, monitor a user's location and exfiltrate sensitive information
Satellite internet service providers are still vulnerable to attack methods discovered nearly 15 years ago