PatchSiren cyber security CVE debrief

CVE-2016-9677 Citrix CVE debrief

CVE-2016-9677 is a Citrix Provisioning Services information-disclosure issue published on 2017-01-18. The NVD record describes a leak of sensitive kernel address information through unspecified vectors in Citrix Provisioning Services before 7.12. The issue is rated Medium (CVSS 5.3) and is categorized as CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor). No KEV listing or ransomware association is provided in the supplied corpus.

Vendor
Citrix
Product
Citrix Provisioning Services
CVSS
MEDIUM 5.3
CISA KEV
Not listed in stored evidence
Original CVE published
2017-01-18
Original CVE updated
2026-05-13
Advisory published
2017-01-18
Advisory updated
2026-05-13

Who should care

Administrators and security teams running Citrix Provisioning Services, especially environments using affected versions prior to 7.12. Systems exposed to untrusted network access should be prioritized because the CVSS vector indicates network reachability with no privileges or user interaction required.

Technical summary

The official NVD entry marks Citrix Provisioning Services versions 7.0, 7.1, 7.6, 7.7, 7.8, 7.9, and 7.11 as vulnerable, and the CVE description states that versions before 7.12 allow disclosure of sensitive kernel address information via unspecified vectors. The CVSS v3.0 vector is AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N, indicating a network-reachable information exposure with low complexity and no impact to integrity or availability.

Defensive priority

Medium. The bug is not listed as KEV in the supplied data and does not indicate code execution, but a kernel address leak can weaken protections that depend on kernel addresses remaining unknown, and so can support follow-on exploitation of a separate bug. Treat remediation as important for any reachable deployment, especially where the provisioning service is exposed beyond tightly controlled management networks.

Recommended defensive actions

  • Upgrade Citrix Provisioning Services to 7.12 or later, using Citrix guidance from the vendor advisory reference CTX219580.
  • Inventory all Provisioning Services installations and confirm whether any are on affected versions 7.0, 7.1, 7.6-7.9, or 7.11.
  • Restrict network access to Provisioning Services to trusted administrative and infrastructure networks only.
  • Review Citrix vendor guidance and related advisories for the specific remediation path and any validation steps.
  • After upgrading, verify the deployed version and document the change for affected hosts and maintenance records.
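The inventory and verification steps above reduce to one question per host: is the installed version below 7.12, and how exposed is the host? The following added example (not PatchSiren or Citrix code) answers that over a constructed inventory; the hostnames, versions, zone names and the CSV layout are assumptions, and the "before 7.12" rule is taken from the CVE description rather than from the individual CPE entries.

```python
"""Inventory triage for CVE-2016-9677 (added example over a constructed inventory)."""
import csv
import io
import re

# 7.12 is the first fixed release named in the CVE description.
FIXED_VERSION = (7, 12)

# Constructed sample inventory: hosts, versions and zones are made up for the example.
SAMPLE_INVENTORY = """\
host,product,version,zone
pvs01,Citrix Provisioning Services,7.6.1,mgmt
pvs02,Citrix Provisioning Services,7.11,user-lan
pvs03,Citrix Provisioning Services,7.12,mgmt
pvs04,Citrix Provisioning Services,7.13.2,dmz
pvs05,Citrix Provisioning Services,unknown,user-lan
"""


def parse_version(text):
    """Turn '7.6.1' into (7, 6, 1); return None for anything that is not dotted integers."""
    m = re.fullmatch(r"\s*(\d+(?:\.\d+)*)\s*", text or "")
    if not m:
        return None
    return tuple(int(p) for p in m.group(1).split("."))


def is_affected(version):
    """True if the version is before 7.12, False if fixed, None if the version is unknown."""
    v = parse_version(version)
    if v is None:
        return None
    # Tuple comparison handles differing lengths: (7, 11, 0) < (7, 12) and (7, 12) is not.
    return v < FIXED_VERSION


def triage(inventory_csv, trusted_zones=("mgmt",)):
    """Classify hosts; affected hosts outside a trusted zone are marked high priority first."""
    result = {"affected": [], "fixed": [], "unknown": []}
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        status = is_affected(row["version"])
        if status is None:
            # Unknown versions need a manual check rather than silent assumption.
            result["unknown"].append(row["host"])
        elif status:
            priority = "normal" if row["zone"] in trusted_zones else "high"
            result["affected"].append((row["host"], row["version"], priority))
        else:
            result["fixed"].append(row["host"])
    result["affected"].sort(key=lambda r: (r[2] != "high", r[0]))
    return result


if __name__ == "__main__":
    for bucket, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{bucket}: {hosts}")
```

The ordering encodes the priority guidance from the summary: an affected host reachable from a user LAN or DMZ comes before one confined to the management network, and any host whose version could not be parsed is surfaced separately so the inventory step is not quietly skipped for it.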

Evidence notes

All substantive facts in this debrief come from the supplied NVD/CVE corpus: the vulnerability affects Citrix Provisioning Services before 7.12, the issue concerns sensitive kernel address information disclosure, the CVSS score is 5.3/Medium, and the CVSS vector is AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N. The corpus also lists affected CPEs for Citrix Provisioning Services 7.0, 7.1, 7.6, 7.7, 7.8, 7.9, and 7.11, plus a Citrix vendor advisory reference (CTX219580).

Official resources

This is an information-disclosure vulnerability affecting Citrix Provisioning Services. The vendor advisory reference supplied in the corpus is Citrix CTX219580. The supplied corpus does not report exploitation in the wild, KEV status, ransomware use, or any code-execution impact.