Citrix has today released fixes for vulnerabilities affecting its XenMobile Servers, which are used by companies for managing employees devices. The vulnerabilities discovered are rated severe to low and could allow unauthorized people to take over the servers by successful exploitation. Patches are available for all versions of XenMobile Servers.
Citrix Rolled out Patches For XenMobile Servers Vulnerabilities
The networking company Citrix has today published a report disclosing five vulnerabilities in its Endpoint Management (CEM) on-premise instances (XenMobile Server). This software acts as a unified interface for managing employees’ computers, mobile devices (tablets and smartphones) from a single platform.
The maker has released fixes for patching those found vulnerabilities and recommends to patch immediately. Two out of five vulnerabilities tracked as CVE-2020-8208 and CVE-2020-8209 are marked critical on the severity scale, which could allow unauthenticated users (attackers) to take over the XenMobile servers by exploiting the bugs. The vulnerable server versions are;
- XenMobile Server 10.12 before RP2
- XenMobile Server 10.11 before RP4
- XenMobile Server 10.10 before RP6
- XenMobile Server before 10.9 RP5
And the other three vulnerabilities tracked as CVE-2020-8210, CVE-2020-8211, and CVE-2020-8212 are rated medium to low on the severity scale. These could be abused by CEM admins to access unauthorized information. The affected server versions of these three vulnerabilities are;
- XenMobile Server 10.12 before RP3
- XenMobile Server 10.11 before RP6
- XenMobile Server 10.10 before RP6
- XenMobile Server before 10.9 RP5
Thus, Citrix says the versions 10.9, 10.10, 10.11 and 10.12 for patching these vulnerabilities are available and recommends applying immediately. Any servers running versions 10.9.x or before should be updated to at least version 10.12 RP3 to avoid being hacked. Download the patches here;
• XenMobile Server 10.12 RP3
• XenMobile Server 10.11 RP6
• XenMobile Server 10.10 RP6
• XenMobile Server 10.9 RP5
Other Trending News:- News
