Windows DCOM hardening

security and privacy

Introduction The Distributed Component Object Model (DCOM) Remote Protocol is a protocol for exposing application objects by way of remote procedure calls (RPCs). The protocol consists of a set of extensions layered on Microsoft Remote Procedure Call Protocol Extensions as specified in [MS-RPCE]. The DCOM Remote Protocol is also referred to as Object RPC or … Read more

Citrix ADC security vulnerabilities

security and privacy

Citrix ADC security vulnerabilities description A new security vulnerability with ID CVE-2021-22955 (Unauthenticated denial of service) has been discovered in Citrix ADC, which affects the following Citrix products and firmware versions: Also a new security vulnerability with ID CVE-2021-22956 (Temporary disruption of the Management GUI, Nitro API and RPC communication) has been discovered in Citrix … Read more

Citrix announced VAD security vulnerabilities

Citrix Virtual Apps and Desktops Deployment and Adoption Resource Center

Case Citrix announced VAD security vulnerabilities. On November 10th 2020 the following vulnerabilities were announced. CVE ID Description Vulnerability Type Pre-conditions  CVE-2020-8269 An unprivileged Windows user on the VDA can perform arbitrary command execution as SYSTEM CWE-269: Improper Privilege Management The attacker must be an authenticated user on the Windows VDA with write access to the C:\ directory CVE-2020-8270 An unprivileged Windows user on the VDA or a SMB user can perform arbitrary command execution as SYSTEM … Read more

Citrix Security Vulnerability CVE-2019-19781

CVE Citrix

The Cybersecurity and Infrastructure Security Agency (CISA) has released a utility that enables users and administrators to test whether their Citrix Application Delivery Controller (ADC) and Citrix Gateway software is susceptible to the CVE-2019-19781 vulnerability. According to Citrix Security Bulletin CTX267027, beginning on January 20, 2020, Citrix will be releasing new versions of Citrix ADC and Citrix Gateway … Read more