Citrix released security updates to address vulnerabilities in multiple Citrix products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.
CISA encourages users and administrators to review the following and apply necessary updates:
[ul]
[li]NetScaler ADC and NetScaler Gateway Security Update for CVE-2024-5491 and CVE-2024-5492[/li][li]NetScaler Console, Agent and SVM Security Update for CVE-2024-6235 and CVE-2024-6236[/li][li]Citrix Workspace app for HTML5 Security Bulletin CVE-2024-6148 and CVE-2024-6149[/li][li]Citrix Provisioning Security Bulletin CVE-2024-6150[/li][li][U]Windows Virtual Delivery Agent for CVAD and Citrix DaaS Security Bulletin CVE-2024-6151[/U][/li][li][U]Citrix Workspace app for Windows Security Bulletin CVE-2024-6286[/U][/li][/ul]