{"id":1041,"date":"2025-07-01T09:52:30","date_gmt":"2025-07-01T09:52:30","guid":{"rendered":"https:\/\/inforb-wp.demo.certsign.ro\/?p=1041"},"modified":"2025-07-10T07:27:13","modified_gmt":"2025-07-10T07:27:13","slug":"citrix-emite-patch-uri-urgente-pentru-netscaler-iunie-2025","status":"publish","type":"post","link":"https:\/\/inforb.ro\/en\/citrix-emite-patch-uri-urgente-pentru-netscaler-iunie-2025\/","title":{"rendered":"Citrix Issues Urgent Patches for NetScaler \u2013 June 2025"},"content":{"rendered":"<article style=\"display: flex; flex-wrap: wrap; align-items: flex-start; gap: 20px; margin-bottom: 40px;\">\n  <div style=\"flex: 1 1 60%; min-width: 280px;\">\n    <p><em>Published: 25 June 2025<\/em><\/p>\n\n    <p>Citrix has issued critical updates for two severe vulnerabilities in NetScaler\u202fADC\/Gateway (<strong>CVE\u20112025\u20116543<\/strong> and <strong>CVE\u20112025\u20115777<\/strong>), affecting versions 14.1, 13.1 and 12.1. CVE\u20112025\u20116543 is being actively exploited in the wild and is listed in the CISA KEV catalog with a remediation deadline of 21 July 2025.<\/p>\n\n    <h3>\ud83d\udd0d Technical details<\/h3>\n    <ul>\n      <li><strong>CVE\u20112025\u20116543<\/strong>: memory overflow with a CVSS\u202f9.2 score, allows remote code execution;<\/li>\n      <li><strong>CVE\u20112025\u20115777<\/strong> (\u201cCitrixBleed\u202f2\u201d): session hijacking and MFA bypass, CVSS\u202f9.3 score;<\/li>\n    <\/ul>\n\n    <h3>\u26a0\ufe0f Situation in the field<\/h3>\n    <p>ReliaQuest reports exploitation of CVE\u20112025\u20115777, and CISA has confirmed exploitation of CVE\u20112025\u20116543 in critical networks. 
Mandiant warns that authenticated sessions can remain active even after the patch is applied.<\/p>\n\n    <h3>\ud83d\udee0\ufe0f Immediate recommendations<\/h3>\n    <ul>\n      <li>Apply the available patches (e.g. 14.1\u201147.46, 13.1\u201159.19);<\/li>\n      <li>Terminate all active sessions after the update, including RDP or ICA;<\/li>\n      <li>Monitor NetScaler logs for suspicious activity;<\/li>\n      <li>Check CSP and MFA mechanisms \u2013 they may be affected after the patch is applied.<\/li>\n    <\/ul>\n\n    <p><strong>Primary source:<\/strong>\n      <a href=\"https:\/\/thehackernews.com\/2025\/06\/citrix-releases-emergency-patches-for.html\" target=\"_blank\" rel=\"noopener noreferrer\">\n        The Hacker News \u2013 Citrix Releases Emergency Patches for Actively Exploited CVE\u20112025\u20116543\u00a0in\u00a0NetScaler\u00a0ADC\n      <\/a>\n    <\/p>\n  <\/div>\n\n  <div style=\"flex: 1 1 35%; min-width: 240px; text-align: center;\">\n    <img decoding=\"async\" src=\"https:\/\/inforb.ro\/wp-content\/uploads\/2025\/07\/Citrix.jpg\"\n         alt=\"Citrix office building \u2013 NetScaler patch urgent warning\"\n         style=\"max-width: 100%; height: auto; padding: 5px; border: 1px solid #ddd; box-shadow: 0 2px 6px rgba(0,0,0,0.1);\">\n  <\/div>\n<\/article>","protected":false},"excerpt":{"rendered":"<p>Published: 25 June 2025 Citrix has issued critical updates for two severe vulnerabilities in NetScaler\u202fADC\/Gateway (CVE\u20112025\u20116543 and CVE\u20112025\u20115777), affecting versions 14.1, 13.1 and 12.1. CVE\u20112025\u20116543 is being actively exploited in the wild and is listed in the CISA KEV catalog with a remediation deadline of 21 July 2025. 
\ud83d\udd0d Technical details CVE\u20112025\u20116543: memory overflow with a score [&hellip;]<\/p>","protected":false},"author":3,"featured_media":1043,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[17,49],"tags":[],"class_list":["post-1041","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","category-exploit"],"_links":{"self":[{"href":"https:\/\/inforb.ro\/en\/wp-json\/wp\/v2\/posts\/1041","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/inforb.ro\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/inforb.ro\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/inforb.ro\/en\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/inforb.ro\/en\/wp-json\/wp\/v2\/comments?post=1041"}],"version-history":[{"count":2,"href":"https:\/\/inforb.ro\/en\/wp-json\/wp\/v2\/posts\/1041\/revisions"}],"predecessor-version":[{"id":1044,"href":"https:\/\/inforb.ro\/en\/wp-json\/wp\/v2\/posts\/1041\/revisions\/1044"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/inforb.ro\/en\/wp-json\/wp\/v2\/media\/1043"}],"wp:attachment":[{"href":"https:\/\/inforb.ro\/en\/wp-json\/wp\/v2\/media?parent=1041"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/inforb.ro\/en\/wp-json\/wp\/v2\/categories?post=1041"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/inforb.ro\/en\/wp-json\/wp\/v2\/tags?post=1041"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}