CISA claims hackers are exploiting a new Citrix ShareFile file transfer bug

The U.S. cybersecurity agency warned that hackers are exploiting a new vulnerability in another enterprise file transfer software.

CISA added the Citrix ShareFile vulnerability, tracked as CVE-2023-24489, to its Known Exploited Vulnerabilities (KEV) catalog on Wednesday. The agency said the flaw poses “significant risks to the federal enterprise,” and ordered federal civilian executive branch agencies, including CISA, to apply vendor patches by September 6.

Citrix first warned about the vulnerability in June. The improper access control bug could allow an unauthenticated attacker to remotely compromise customer-managed Citrix ShareFile storage zones controllers, with no password required.

Citrix ShareFile is primarily a cloud-based file-transfer tool, but it also offers a “storage zones controller” tool for on-premise or supported cloud platforms like Amazon S3 and Windows Azure.

Dylan Pindur of Assetnote discovered the vulnerability and warned that it stems from small errors in ShareFile’s AES encryption. As of July, 6,000 organizations had publicly exposed instances.

“Searching online shows 1,000-6,000 instances are internet accessible,” said Pindur. “This popularity, combined with the software storing sensitive data, meant if we found anything it could have quite an impact.”

Threat intelligence startup GreyNoise reported a “significant spike” in attacker activity after CISA warned about the ShareFile vulnerability.

The hackers behind in-the-wild attacks are unknown.

Hackers target corporate file-transfer software because it stores large amounts of sensitive data.

The Russia-linked Clop ransomware gang has targeted Accellion’s MTA, Fortra’s GoAnywhere MFT, and Progress’ MOVEit Transfer.

According to Emsisoft, the MOVEit mass-attacks have affected over 46 million people and 668 victim organizations. IBM fell victim to the MOVEit hackers, exposing over four million Americans’ sensitive medical and health data this week.