Rapid7 released research showing that a vulnerability in Citrix ADM that was thought to be patched in June is still open to exploitation. (Rapid7)

Clarification: Rapid7 updated its post at 22:54 GMT on Oct. 20 regarding the cause of the Citrix ADM vulnerability, which is CVE-2022-27512, not CVE-2022-27511.

Research released Tuesday by Rapid7 shows that the June patch for a vulnerability in Citrix Application Delivery Management (ADM) is not sufficient to prevent exploitation.

Tracked as CVE-2022-27512, the root cause of the vulnerability is not Citrix ADM's own code but its embedded copy of the popular licensing software FLEXlm, also known as FlexNet Publisher. FLEXlm allows organizations to manage and share software licenses among multiple users, and Citrix ADM, an application provisioning solution, relies on the FlexNet license server for license management.
Digging into the issue further after Citrix released an advisory and patch, Rapid7 said it found that the patch did not prevent exploitation: the licensing server could still be shut down, resulting in a denial of service. "The licensing server can be told to shut down (even with the patch)," wrote Rapid7's Ron Bowes in the blog post disclosing the vulnerability. Rapid7 coordinated disclosure of its findings with Citrix and the CERT Coordination Center, and urged IT security teams to contact FlexNet Publisher's maker, Revenera, and Citrix for guidance on mitigating the vulnerability.

See Rapid7's blog post for more detailed information on the vulnerability.
Stephen Weigand is managing editor and production manager for SC Media. He has worked for news media in Washington, D.C., covering military and defense issues, as well as federal IT. He is based in the Seattle area.