Critical Vulnerability in Citrix XenServer and Hypervisor Allows Malicious Admin to Crash Host System

Citrix has released a security advisory detailing vulnerabilities in XenServer and Citrix Hypervisor that could allow a malicious guest VM administrator to crash or disable the host system.

The vulnerabilities, identified as CVE-2024-45817, CVE-2022-24805, and CVE-2022-24809, impact XenServer 8 and Citrix Hypervisor 8.2 CU1 LTSR. The most critical of these, CVE-2024-45817, enables a malicious administrator from a guest VM to crash or render the host unresponsive.

“Both XenServer 8 and Citrix Hypervisor 8.2 CU1 LTSR are affected by a vulnerability that could allow a malicious guest VM admin to cause a crash or host unresponsiveness,” Citrix stated in its advisory.

Additionally, two other flaws in XenServer 8 could let an attacker on the management network crash the SNMP service or render it unresponsive.

Citrix has issued patches to fix these vulnerabilities. For XenServer 8 users, updates are available through the Early Access and Normal channels, and it’s recommended to update to the latest version. A hotfix (XS82ECU1077) has also been released for Citrix Hypervisor 8.2 CU1 LTSR users.

Citrix has notified customers and partners of this security issue through its security bulletin, and users needing help are encouraged to reach out to Citrix Technical Support.

The vulnerabilities are classified as medium in severity, and Citrix urges users to apply updates as soon as possible to reduce the risk of exploitation. The Cybersecurity and Infrastructure Security Agency (CISA) has also issued an alert highlighting the importance of applying these security patches.