• Services
    • Asses
      • Compromise Assessment
      • APT Assessment
      • Penetration Testing
      • Secure Architecture Design & Review
      • Red Team Assessment
      • Purple Team Assessment
      • Social Engineering
      • Source Code Review
    • Transform
      • SOC Consultancy
      •     SOC Maturity Assessment
      •     SOC Model Evaluation
      •     SOC Gap Analysis
      •     SIEM Gap Analysis
      •     SIEM Optimization
      •     SOC Content Pack
    • Train
      • Security Awareness and Training
      • Tabletop Exercise
      • Simulated Cyber Attack Exercises
    • Respond
      • Incident Response
      • Incident Analysis
  • Managed Security
    • Managed Security Monitoring
      • Remote SOC
      • Onsite SOC
      • Hybrid SOC
    • Managed Security Services
      • Managed Detection and Response
      • Managed Endpoint Detection and Response
      • Managed Threat Intelligence
      • Managed Threat Hunting
      • Managed Risk-Based SOAR
      • Managed Penetration Testing
  • Solutions
  • Resources
    • Blog
    • Threat Advisory
  • Company
    • About Us
    • Careers
    • Contact
Rewterz Threat Advisory – CVE-2020-8246 – Citrix Application Delivery Controller denial of service
September 21, 2020
Rewterz Threat Advisory – CVE-2020-16202 – Advantech WebAccess Node privilege escalation
September 21, 2020

Rewterz Threat Advisory – CVE-2020-8247 – Citrix Application Delivery Controller privilege escalation

September 21, 2020

Severity

High

Analysis Summary

Citrix Application Delivery Controller, Citrix Gateway and Citrix SD-WAN WANOP appliance models could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by an error in the management interface. An attacker could exploit this vulnerability to execute arbitrary commands on the management interface with elevated privileges.

Impact

Privilege escalation

Affected Vendors

Citrix

Affected Products

  • Citrix Gateway 11.1
  • Citrix Gateway 12.1
  • Citrix Gateway 13.0
  • Citrix Application Delivery Controller (ADC) 11.1
  • Citrix Application Delivery Controller (ADC) 12.1
  • Citrix Application Delivery Controller (ADC) 13.0
  • Citrix SD-WAN WANOP 11.0
  • Citrix SD-WAN WANOP 11.1
  • Citrix SD-WAN WANOP 11.2
  • Citrix SD-WAN WANOP 10.0

Remediation

Refer to CTX281474 for patch, upgrade or suggested workaround information.

https://support.citrix.com/article/CTX281474

  • Services
    • Asses
      • Compromise Assessment
      • APT Assessment
      • Penetration Testing
      • Secure Architecture Design & Review
      • Red Team Assessment
      • Purple Team Assessment
      • Social Engineering
      • Source Code Review
    • Respond
      • Incident Response
      • Incident Analysis
  • Transform
    • SOC Consultancy
    •     SOC Maturity Assessment
    •     SOC Model Evaluation
    •     SOC Gap Analysis
    •     SIEM Gap Analysis
    •     SIEM Optimization
    •     SOC Content Pack
  • Train
    • Security Awareness and Training
    • Tabletop Exercise
    • Simulated Cyber Attack Exercises
  • Managed Security
    • Managed Security Monitoring
      • Remote SOC
      • Onsite SOC
      • Hybrid SOC
    • Managed Security Services
      • Managed Detection and Response
      • Managed Endpoint Detection and Response
      • Managed Threat Intelligence
      • Managed Threat Hunting
      • Managed Risk-Based SOAR
      • Managed Penetration Testing
  • Solutions
  • Resources
    • Blog
    • Threat Advisory
  • Company
    • About Us
    • Careers
    • Contact
COPYRIGHT © REWTERZ. ALL RIGHTS RESERVED.