Open Nav
Sign Up

Urgent Alert: Critical Vulnerabilities in Citrix, VMware, and Atlassian Products

Bar Refael

January 17, 2024

Citrix, VMware, and Atlassian have reported critical security vulnerabilities in several of their products, some of which are currently being exploited in the wild. This advisory is issued to inform and guide our clients on these vulnerabilities and the essential steps required for mitigation. It highlights the urgent need to apply patches and review security measures, aiming to provide a clear understanding of the associated risks and the necessary actions for effective mitigation. Our focus is to ensure our clients are well-informed and prepared to address these vulnerabilities promptly.

Citrix NetScaler ADC and Gateway Vulnerabilities:

  • CVE-2023-6548 (CVSS: 5.5): Permits low-privileged remote code execution.
  • CVE-2023-6549 (CVSS: 8.2): Leads to denial-of-service under certain configurations.
  • Affected Versions: NetScaler ADC and Gateway versions 14.1, 13.1, 13.0, and 12.1 (including FIPS and NDcPP).

Mitigation: Upgrade to the patched versions and avoid exposing management interfaces to the internet.

VMware Aria Automation Flaw:

  • CVE-2023-34063 (CVSS: 9.9): A critical missing access control flaw.
  • Affected Versions: VMware Aria Automation (8.11.x to 8.14.x) and VMware Cloud Foundation (4.x and 5.x).

Mitigation: Directly upgrade to VMware version 8.16 post-patch application.

Atlassian Confluence RCE Bug:

  • CVE-2023-22527 (CVSS: 10.0): Template injection vulnerability causing remote code execution.
  • Affected Versions: Confluence Data Center and Server versions 8.0.x to 8.5.3 (Note: 7.19.x LTS versions are not impacted).

Mitigation: Update to the latest patched versions immediately.

Impact Assessment and Risk Analysis:

Each vulnerability presents unique risks that could lead to unauthorized access, data breaches, or service disruptions. Immediate patch application is critical.

OP Innovate’s Advisory:

  • Immediate Action: Apply all relevant patches without delay.
  • Review Security Posture: Regularly assess your organization’s security measures.
  • Stay Informed: OP Innovate will continue to provide updates on these and other cybersecurity threats.

FAQ Section:

Q1: Are these vulnerabilities currently being exploited?

  • A: Yes, some of these vulnerabilities, especially in Citrix products, are actively being exploited.

Q2: What if my organization cannot immediately apply these patches?

  • A: Implement temporary mitigations if possible, like restricting access to the management interfaces for Citrix products and limiting user privileges in VMware and Atlassian environments.

Q3: How do I know if my system is compromised?

  • A: Look for indicators of compromise such as unusual system or network activity and unauthorized administrative actions.

Conclusion and Call-to-Action:

The discovery of these vulnerabilities underscores the urgent need for vigilant cybersecurity practices. We urge all affected users to apply the recommended patches and review their security protocols. OP Innovate is dedicated to assisting our clients in navigating these challenges and ensuring the integrity of their digital assets.

Stay Safe and Secure,
OP Innovate Cybersecurity Team

Resources highlights

High-Severity WordPress Vulnerability in Forminator Plugin (CVE-2025-6463)

A critical vulnerability in the Forminator plugin, one of the most popular form-building plugins in Wordpress, allows unauthenticated attackers to delete arbitrary files on the…

Read more >

CVE-2025-6463

CVE-2025-6554: Chrome V8 Zero-Day Exploited in the Wild

On June 30, 2025, Google issued an emergency patch for a critical zero-day vulnerability in its Chrome browser, tracked as CVE-2025-6554. The flaw resides in…

Read more >

CVE-2025-6554

Critical Cisco ISE Vulnerabilities Lead to Unauthenticated RCE (CVE-2025-20281 & CVE-2025-20282)

On June 25, 2025, Cisco disclosed and patched two critical remote code execution (RCE) vulnerabilities: CVE-2025-20281 and CVE-2025-20282, affecting its widely deployed Identity Services Engine…

Read more >

CVE-2025-20281 & CVE-2025-20282

Critical Vulnerability in MegaRAC BMC Added to CISA’s KEV: CVE-2024-54085

On June 25, 2025, CISA added CVE‑2024‑54085, a critical authentication bypass vulnerability in the MegaRAC SPx Baseboard Management Controller (BMC) firmware, to its Known Exploited…

Read more >

CVE-2024-54085

‘UMBRELLA STAND’ Malware Targets Fortinet FortiGate Firewalls

‘UMBRELLA STAND’ Malware Targets Fortinet FortiGate Firewalls The UK’s National Cyber Security Centre (NCSC) has issued an alert regarding a sophisticated malware campaign dubbed “UMBRELLA…

Read more >

umbrella stand fortinet

CVE-2025-49144: Privilege Escalation in Notepad++ Installer Enables Full SYSTEM Access

A critical local privilege escalation vulnerability in the Notepad++ v8.8.1 installer allows attackers to escalate to NT AUTHORITY\SYSTEM using binary planting techniques. Tracked as CVE-2025-49144,…

Read more >

CVE-2025-49144
Under Cyber Attack?

Fill out the form and we will contact you immediately.