Latest Citrix patches another reminder of operational risks facing companies today

Summary

Citrix has issued patches for 11 CVE-listed security vulnerabilities in its various networking products. This is the third in a series of ‘must patch’ vulnerabilities in recent months for Citrix, and it comes on the heels of a public breach the company announced in March of 2019.

Report

Analysis

Citrix—one of the world’s largest networking and remote access technology companies—announced patches for a known vulnerability in March more than one month after it was disclosed. Citrix is a $15BN company that more than 400,000 companies, including many of the Fortune 500, rely upon to keep their data safe and networks secure. In January this year, FireEye called out Citrix for belated vulnerability patching related to a malware exploit, so this latest news is an indication of continued problems.

At least one of these vulnerabilities appears to be targeting IT administrators whose logins can be exploited without authentication. According to experts, a hacker could then use this access to gain further control and access, execute a ransomware attack and shutdown systems. This type of incident is when the real financial pain for companies is felt. In the work-from-home era and with the rise of ransomware more broadly, more corporate networks appear susceptible to such an attack.

Boards and C-suites have been happy with the productivity and cost efficiencies of such outsourcing, but this has come at the expense of weaker security for many companies. Post COVID‑19, companies are relying upon services provided by companies like Citrix to a much greater extent than before to just function.

As Cyberhedge highlighted previously, third-party cloud providers and managed service providers are now critical infrastructure for the world’s most valuable companies—as they go, so go their customers.

Close

Instantly download research in our library and be the first to get access to new content

Denis Bolshakov

Log out

We use cookies to make our website more user-friendly and effective

The Cyberhedge Indices Cookie Policy

What are the Cyberhedge Cyber Governance Indices?

These first ever benchmarks prove good cyber governance matters to shareholder value. They measure stock market performance of companies with good and with bad cyber governance scores. Scores are based on Cyberhedge’s proprietary cyber governance rating methodology. Market performance is tracked by an independent firm. The results show that companies with good cyber governance outperform their peers in US, UK, and EU markets.

Information that we collect

Here you can see and customize the information that we collect about you. To learn more, please read our privacy policy

Continue on website