Multiple vulnerabilities in Citrix Hypervisor
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2023-23583 CVE-2023-46835 |
| CWE-ID | CWE-1281 CWE-264 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Citrix Hypervisor Server applications / Virtualization software |
| Vendor | Citrix |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Sequence of processor instructions leads to unexpected behavior
EUVDB-ID: #VU82351
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-23583
CWE-ID:
CWE-1281 - Sequence of Processor Instructions Leads to Unexpected Behavior
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to an error related to processing of Sequence of processor instructions. A local user can execute arbitrary code with elevated privileges.
Install update from vendor's website.
Vulnerable software versionsCitrix Hypervisor: 8.2 CU1
External linkshttp://support.citrix.com/article/CTX583037
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU83162
Risk: Medium
CVSSv3.1: 4.4 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-46835
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote guest to gain access to sensitive information.
The vulnerability exists due to improperly imposed security restrictions caused by a mismatch in IOMMU quarantine page table levels. A device in quarantine mode can access data from previous quarantine page table usages, possibly leaking data used by previous domains that also had the device assigned.
Install update from vendor's website.
Vulnerable software versionsCitrix Hypervisor: 8.2 CU1
External linkshttp://support.citrix.com/article/CTX583037
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
