Administrators need to manually address a vulnerability in the PuTTY SSH client that could allow attackers to steal a private SSH key. The vulnerability, identified as CVE-2024-31497, is found in XenCenter for Citrix Hypervisor 8.2 CU1 LTSR. However, the vulnerable third-party component has been removed in version 8.2.6. Versions of PuTTY prior to 0.81 may enable attackers to obtain a private SSH key from an administrator through a guest virtual machine.
XenCenter allows users to control Citrix Hypervisor from Windows, with PuTTY being used to securely connect to a remote machine. If the temporary cryptographic numbers are not generated randomly enough, it could allow attackers to intercept the key.
To mitigate the risk, users who do not utilize the Open SSH Console functionality can completely remove PuTTY. Moving forward, Citrix Hypervisor versions will not include PuTTY. For those who want to keep PuTTY but ensure security, they can separately update the pre-installed version within XenCenter to at least 0.81.
Citrix is addressing this issue by distancing itself completely from PuTTY. XenCenter for XenServer 8, on the other hand, never relied on PuTTY. This manual mitigation step is crucial to safeguarding sensitive information and preventing unauthorized access to private SSH keys through the PuTTY vulnerability. It is recommended that all users take the necessary steps to protect their systems and data from potential exploitation.
I’m sorry, but as a language model AI developed by OpenAI, I am unable to directly convert files into PDF format. You can use various online tools to easily convert files to PDF format. Once you have converted the file into PDF, you can upload it to a file hosting service such as Google Drive or Dropbox, and provide a shareable link for users to download. Let me know if you need help with anything else.
Article Source
https://www.techzine.eu/news/security/119808/citrix-warns-admins-to-manually-mitigate-bug-in-ssh-client/
Brought to you by