Citrix Warns Customers of PuTTY SSH Client Flaw in XenCenter System

Citrix has issued a warning to its customers regarding a security flaw in the PuTTY SSH client that could allow attackers to steal a XenCenter admin’s private SSH key. The flaw, identified as CVE-2024-31497, affects multiple versions of XenCenter for Citrix Hypervisor 8.2 CU1 LTSR that include PuTTY.

The vulnerability, discovered by researchers Fabian Bäumer and Marcus Brinkmann from the Ruhr University Bochum, resides in the code that generates signatures from ECDSA private keys using the NIST P521 curve. An attacker could exploit this vulnerability to recover NIST P-521 private keys.

Citrix recommends that customers manually address this issue by updating the PuTTY version installed on their XenCenter system to at least version 0.81. The affected products include FileZilla, WinSCP, TortoiseGit, and TortoiseSVN, which have also released updates to fix the flaw.

Users of products or components using ECDSA NIST-P521 keys impacted by CVE-2024-31497 are advised to revoke those keys from authorized_keys, GitHub repositories, and any other relevant platforms.

For more cybersecurity news and updates, follow SecurityAffairs on Twitter (@securityaffairs) and Facebook.

By SecurityAffairs (hacking, Citrix)

, , , , , , , ,
Show Comments

Fabio

Full Stack Developer

About the Author

I’m passionate about web development and design in all its forms, helping small businesses build and improve their online presence. I spend a lot of time learning new techniques and actively helping other people learn web development through a variety of help groups and writing tutorials for my blog about advancements in web design and development.

View Articles