{
    "file_item": {
        "filepath": "security-advisories",
        "filename": "CERT-EU-SA2020-040.pdf"
    },
    "title": "Critical Vulnerabilities in Citrix XenMobile",
    "serial_number": "2020-040",
    "publish_date": "12-08-2020 10:00:00",
    "description": "On 11 August, Citrix released a blog post and Security Update about critical vulnerabilities affecting XenMobile Server products.<br>No technical details were shared by Citrix; however, some sources indicate that by combining some of those vulnerabilities, an unauthenticated attacker could gain admin control of XenMobile Servers if exploitation is successful.<br>Citrix recommends these upgrades be made immediately. As of this writing, there are no known exploits. However, by analysing the security patches, an attacker could quickly identify exploits for these vulnerabilities and start scanning for victims exposing XenMobile servers on the Internet.",
    "url_title": "2020-040",
    "content_markdown": "---\ntitle: 'Critical Vulnerabilities in\u00a0Citrix\u00a0XenMobile'\nversion: '1.0'\nnumber: '2020-040'\ndate: 'August 12, 2020'\n---\n\n_History:_\n\n* _12/08/2020 --- v1.0 -- Initial publication_\n\n# Summary\n\nOn 11 August, Citrix released a blog post [1] and Security Update [2] about critical vulnerabilities affecting XenMobile Server products.\n\nNo technical details were shared by Citrix; however, some sources [3] indicate that by combining some of those vulnerabilities, an unauthenticated attacker could gain admin control of XenMobile Servers if exploitation is successful.\n\nCitrix recommends these upgrades be made immediately. As of this writing, there are no known exploits. However, by analysing the security patches, an attacker could quickly identify exploits for these vulnerabilities and start scanning for victims exposing XenMobile servers on the Internet.\n\n# Technical Details\n\nThe vulnerabilities were assigned the following CVEs:\n\n* CVE-2020-8208\n* CVE-2020-8209\n* CVE-2020-8210\n* CVE-2020-8211\n* CVE-2020-8212\n\nNo technical details are available at the time of this writing.\n\n# Products Affected\n\nThese critical vulnerabilities affect several products:\n\n* XenMobile Server 10.12 before RP2\n* XenMobile Server 10.11 before RP4\n* XenMobile Server 10.10 before RP6\n* XenMobile Server before 10.9 RP5\n\nOther versions of the same products are affected by medium and low vulnerabilities:\n\n* XenMobile Server 10.12 before RP3\n* XenMobile Server 10.11 before RP6\n\nRemediations have already been applied to cloud versions of XenMobile Server.\n\n# Recommendations\n\nCitrix has released Rolling Patches for Citrix Endpoint Management (CEM) [2]:\n\n* XenMobile Server 10.12 RP3\n* XenMobile Server 10.11 RP6\n* XenMobile Server 10.10 RP6\n* XenMobile Server 10.9 RP5\n\n\n# References\n\n[1] <https://www.citrix.com/blogs/2020/08/11/citrix-provides-security-update-on-citrix-endpoint-management/>\n\n[2] <https://support.citrix.com/article/CTX277457>\n\n[3] <https://www.bleepingcomputer.com/news/security/citrix-fixes-critical-bugs-allowing-takeover-of-xenmobile-servers/>\n",
    "content_html": "<p><em>History:</em></p><ul><li><em>12/08/2020 --- v1.0 -- Initial publication</em></li></ul><h2 id=\"summary\">Summary</h2><p>On 11 August, Citrix released a blog post [1] and Security Update [2] about critical vulnerabilities affecting XenMobile Server products.</p><p>No technical details were shared by Citrix; however, some sources [3] indicate that by combining some of those vulnerabilities, an unauthenticated attacker could gain admin control of XenMobile Servers if exploitation is successful.</p><p>Citrix recommends these upgrades be made immediately. As of this writing, there are no known exploits. However, by analysing the security patches, an attacker could quickly identify exploits for these vulnerabilities and start scanning for victims exposing XenMobile servers on the Internet.</p><h2 id=\"technical-details\">Technical Details</h2><p>The vulnerabilities were assigned the following CVEs:</p><ul><li>CVE-2020-8208</li><li>CVE-2020-8209</li><li>CVE-2020-8210</li><li>CVE-2020-8211</li><li>CVE-2020-8212</li></ul><p>No technical details are available at the time of this writing.</p><h2 id=\"products-affected\">Products Affected</h2><p>These critical vulnerabilities affect several products:</p><ul><li>XenMobile Server 10.12 before RP2</li><li>XenMobile Server 10.11 before RP4</li><li>XenMobile Server 10.10 before RP6</li><li>XenMobile Server before 10.9 RP5</li></ul><p>Other versions of the same products are affected by medium and low vulnerabilities:</p><ul><li>XenMobile Server 10.12 before RP3</li><li>XenMobile Server 10.11 before RP6</li></ul><p>Remediations have already been applied to cloud versions of XenMobile Server.</p><h2 id=\"recommendations\">Recommendations</h2><p>Citrix has released Rolling Patches for Citrix Endpoint Management (CEM) [2]:</p><ul><li>XenMobile Server 10.12 RP3</li><li>XenMobile Server 10.11 RP6</li><li>XenMobile Server 10.10 RP6</li><li>XenMobile Server 10.9 RP5</li></ul><h2 id=\"references\">References</h2><p>[1] <a rel=\"noopener\" target=\"_blank\" href=\"https://www.citrix.com/blogs/2020/08/11/citrix-provides-security-update-on-citrix-endpoint-management/\">https://www.citrix.com/blogs/2020/08/11/citrix-provides-security-update-on-citrix-endpoint-management/</a></p><p>[2] <a rel=\"noopener\" target=\"_blank\" href=\"https://support.citrix.com/article/CTX277457\">https://support.citrix.com/article/CTX277457</a></p><p>[3] <a rel=\"noopener\" target=\"_blank\" href=\"https://www.bleepingcomputer.com/news/security/citrix-fixes-critical-bugs-allowing-takeover-of-xenmobile-servers/\">https://www.bleepingcomputer.com/news/security/citrix-fixes-critical-bugs-allowing-takeover-of-xenmobile-servers/</a></p>",
    "licence": {
        "title": "Creative Commons Attribution 4.0 International (CC-BY 4.0)",
        "link": "https://creativecommons.org/licenses/by/4.0/",
        "restrictions": "https://cert.europa.eu/legal-notice",
        "author": "The Cybersecurity Service for the Union institutions, bodies, offices and agencies"
    }
}