Multiple vulnerabilities in Citrix XenServer



Risk Low
Patch available YES
Number of vulnerabilities 2
CVE-ID CVE-2025-62626, CVE-2024-36347
CWE-ID CWE-331, CWE-347
Exploitation vector Local
Public exploit N/A
Vulnerable software Citrix XenServer (Server applications / Other server solutions)

Vendor Citrix

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) Insufficient Entropy

EUVDB-ID: #VU117652

Risk: Low

CVSSv4.0: 5.8 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-62626

CWE-ID: CWE-331 - Insufficient Entropy

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to insufficient entropy on AMD Zen 5 processors: the RDSEED instruction can return the value 0 at a rate inconsistent with random output while still signaling success (CF=1), so a failed seed request is misclassified as a successful one. Software that trusts the carry flag alone may therefore derive keys or other secrets from degraded randomness. A local user can use this to escalate privileges on the system.
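The failure mode described above, as an added example that is not code from the Citrix bulletin or from AMD: a C probe that identifies the CPU family, samples the 32-bit form of RDSEED and counts results that are zero yet carry CF=1, a classifier that flags a zero rate inconsistent with a genuine entropy source, and a checked wrapper that rejects a zero output regardless of CF. All function names are this example's own; the decision threshold in zero_rate_suspicious and the choice to treat zero-with-CF as a failure are this example's defensive choices, not a vendor-specified procedure, and the identification of Zen 5 as AMD family 0x1A comes from public CPUID documentation rather than from this page. It builds with GCC or Clang on x86 and reports "unsupported" on other architectures.

```c
/* Added example: probe RDSEED for the CVE-2025-62626 failure mode
 * (a zero result returned together with CF=1). Not code from the bulletin. */
#include <stdint.h>
#include <stdio.h>

#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>
#define HAVE_X86 1
#else
#define HAVE_X86 0
#endif

/* Decode the combined CPUID family from leaf 1 EAX: when the base family is
 * 0xF the extended family (bits 20-27) is added. AMD Zen 5 reports 0x1A. */
unsigned decode_family(uint32_t eax) {
    unsigned base = (eax >> 8) & 0xF;
    unsigned ext = (eax >> 20) & 0xFF;
    return base == 0xF ? base + ext : base;
}

/* 1 if CPUID leaf 7 advertises RDSEED (EBX bit 18), else 0. */
int cpu_has_rdseed(void) {
#if HAVE_X86
    unsigned a, b, c, d;
    if (__get_cpuid_max(0, 0) < 7) return 0;
    __cpuid_count(7, 0, a, b, c, d);
    return (b >> 18) & 1;
#else
    return 0;
#endif
}

/* 1 if the CPU is AMD family 0x1A (Zen 5), else 0. Vendor string
 * "AuthenticAMD" is returned as EBX="Auth", EDX="enti", ECX="cAMD". */
int cpu_is_zen5(void) {
#if HAVE_X86
    unsigned a, b, c, d;
    if (!__get_cpuid(0, &a, &b, &c, &d)) return 0;
    if (b != 0x68747541u || d != 0x69746e65u || c != 0x444d4163u) return 0;
    if (!__get_cpuid(1, &a, &b, &c, &d)) return 0;
    return decode_family(a) == 0x1A;
#else
    return 0;
#endif
}

/* One 32-bit RDSEED. Stores the value, returns the carry flag (1 = "success"
 * as reported by the CPU). Caller must have checked cpu_has_rdseed(). */
static int rdseed32_raw(uint32_t *out) {
#if HAVE_X86
    unsigned char cf;
    __asm__ volatile("rdseed %0; setc %1" : "=r"(*out), "=qm"(cf) : : "cc");
    return cf;
#else
    *out = 0;
    return 0;
#endif
}

struct rdseed_tally { unsigned long samples, cf_ok, zero_with_cf; };

/* Run n 32-bit RDSEEDs, counting CF=1 results and the subset that were zero.
 * Returns 0 (and an empty tally) when RDSEED is not available. */
int sample_rdseed32(unsigned long n, struct rdseed_tally *t) {
    t->samples = t->cf_ok = t->zero_with_cf = 0;
    if (!cpu_has_rdseed()) return 0;
    for (unsigned long i = 0; i < n; i++) {
        uint32_t v;
        int cf = rdseed32_raw(&v);
        t->samples++;
        if (cf) { t->cf_ok++; if (v == 0) t->zero_with_cf++; }
    }
    return 1;
}

/* A genuine `bits`-wide source returns zero with probability 2^-bits, so
 * about samples/2^bits zeros are expected. Flag when the count exceeds twice
 * that plus a slack of 10: a loose bound (this example's choice) that still
 * separates the reported failure mode, zeros on a large fraction of calls,
 * from statistical noise. */
int zero_rate_suspicious(unsigned long zeros, unsigned long samples, unsigned bits) {
    double denom = 1.0;
    for (unsigned i = 0; i < bits; i++) denom *= 2.0;   /* avoids 1<<64 */
    double expected = (double)samples / denom;
    return (double)zeros > 2.0 * expected + 10.0;
}

/* Checked seed fetch: retry on CF=0 and also reject a zero result regardless
 * of CF. Discarding zeros biases a healthy 32-bit source by only 2^-32, so
 * the cost is negligible; the real fix remains the vendor update. */
int rdseed32_checked(uint32_t *out, int retries) {
    if (!cpu_has_rdseed()) return 0;
    for (int i = 0; i < retries; i++) {
        uint32_t v;
        if (rdseed32_raw(&v) && v != 0) { *out = v; return 1; }
    }
    return 0;
}

int main(void) {
    struct rdseed_tally t;
    if (!sample_rdseed32(200000, &t)) { puts("RDSEED unsupported on this CPU"); return 0; }
    printf("AMD family 0x1A (Zen 5): %s\n", cpu_is_zen5() ? "yes" : "no");
    printf("samples=%lu cf_ok=%lu zero_with_cf=%lu -> %s\n", t.samples, t.cf_ok,
           t.zero_with_cf,
           zero_rate_suspicious(t.zero_with_cf, t.samples, 32) ? "SUSPICIOUS" : "ok");
    return 0;
}
```

Run it on the dom0 host before and after applying the vendor update; a healthy 32-bit RDSEED produces essentially no zero-with-CF results in 200000 calls, so any count in the tens or higher is the signature the bulletin describes.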

Mitigation

Install update from vendor's website.

Vulnerable software versions

Citrix XenServer: 8.4

External links

https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX695797


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Improper Verification of Cryptographic Signature

EUVDB-ID: #VU109619

Risk: Low

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36347

CWE-ID: CWE-347 - Improper Verification of Cryptographic Signature

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to improper signature verification in the AMD CPU ROM microcode patch loader. A local user with administrative privileges can load malicious microcode, compromising the integrity of x86 instruction execution on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Citrix XenServer: 8.4

External links

https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX695797


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.
