CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-3502link is external TrueConf Client Download of Code Without Integrity Check Vulnerability This type of vulnerability is a frequent attack vector for...

After updating MCS Catalog no changes are made to the VMs in the catalog

MCS catalog can be updated with a new master image with no errors. Howver when the VMs are rebooted from the DAAS console the VMS are not updated with the new image...

CVE-2023-46349

In the module "Product Catalog CSV, Excel Export/Update" updateproducts 3.8.5 from MyPrestaModules for PrestaShop, a guest can perform SQL injection. The method productsUpdateModel::getExportIds has sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL...

CVAD2203 - MCS catalog update failure with error "Machine <MasterImageVM> is not found"

MCS catalog update failure - Error - Machine is not found Terminating Error: An error occurred while publishing the image. Stack Trace: at Citrix.Orchestration.Base.PowerShellSdk.ProvisioningSchemeService.BackgroundTasks.ProvisioningSchemeTask.ThrowOnTerminatingErrorSdkProvisioningSchemeAction...

BlobTierInadequateForContentLength during Machine Catalog Update

The following error is seen while updating a MCS Machine Catalog after resizing the size of the Master VM disk. Exception: StudioErrorId : ProvisioningTaskError ErrorCategory : NotSpecified TaskState : FailedToCreateImagePreparationVm TaskStateInformation : Terminated ErrorId :...

CVAD 2402 - Updating MCS non-profile based catalog to profile based

Boot Diagnostic setting needs to be applied to already created non profile based MCS random catalog. To inherit profile based settings from a VM source to an existing catalog which is non-profile based...

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-1976link is external Broadcom Brocade Fabric OS Code Injection Vulnerability CVE-2025-42599link is external Qualitia Active! Mail Stack-Based Buffer Overflow...

Citrix DaaS 2402 CU2 - MCS Catalog update fails with MDM error

StudioErrorId : ProvisioningTaskError ErrorCategory : NotSpecified TaskState : FailedToUnregisterMasterImageFromMdm TaskStateInformation : Terminated ErrorId : FailedToUnregisterMasterImageFromMdm Operation : ImagePreparation ErrorMessage : A problem was detected while unregistering from the MDM...

CISA Adds Five Known Exploited Vulnerabilities to Catalog

CISA has added five vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-0411link is external 7-Zip Mark of the Web Bypass Vulnerability CVE-2022-23748link is external Dante Discovery Process Control Vulnerability CVE-2024-21413link is...

Image preparation step 'FixSCCM' failed. error

When updating a catalog with MCS this error is seen . Image Preparation Finalization Failed Stack Trace: at Citrix.Orchestration.Base.PowerShellSdk.ProvisioningSchemeService.BackgroundTasks.ProvisioningSchemeTask.ThrowOnTerminatingErrorSdkProvisioningSchemeAction sdkProvisioningSchemeAction at...

Provisioned VDAs do not support Azure Hibernation after enabling it on existing MCS Catalog

An existing MCS Catalog with no hibernation support is being updated to support hibernation. Azure hibernation has been enabled on the base image, the image template, and the MCS Catalog. However, after performing an Image Update on the Catalog, the provisioned VDAs still do not support hibernati...

Security Bulletin: VMware Tanzu Spring Security is vulnerable to CVE-2023-34042 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses VMware Tanzu Spring Security, which is vulnerable to CVE-2023-34042. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-34042 DESCRIPTION: VMware Tanzu Spring Security could...

Machine catalog updates failure with error the master VM as an invalid configuration

VMWARE Hypervisor When updating a particular machine catalog with a new master image, the operation fails early on with one of the following: "action name: updatemachinecatalogprovisiningscheme" "action name: MCUpdateMachineCatalog" Error : The master VM as an invalid configuration Same issue...

Azure MCS catalog update fails with FailedToStartImagePreparationVm - CreateUpdateVm-1 timed out

Unable to update a machine catalog for an Azure hosted MCS deployment. The MCS process fails early about 15% into the update The error message shows "Error - Terminated", and the action name is "MCUpdateMachineCatalog" The full stack trace is similar to this : TerminatedStack Trace: at...

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-33009 Zyxel Multiple Firewalls Buffer Overflow Vulnerability CVE-2023-33010 Zyxel Multiple Firewalls Buffer Overflow Vulnerability These types of vulnerabiliti...

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-34362 Progress MOVEit Transfer SQL Injection Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose...

.NET 6.0 Update - Mar 14, 2023 (KB5024670)

.NET 6.0 Update - Mar 14, 2023 KB5024670 .NET 6.0 has been refreshed with the latest update as of March 14, 2023. This update contains non-security fixes. See the release notes for details on updated packages..NET 6.0 servicing updates are upgrades. The latest servicing update for 6.0 will remove...

Citrix Hypervisor 8.2 : MCS Catalog update deletes Target base disks.

Xenserver audit.log throwsERROR:NOTSUPPORTEDDURINGUPGRADE Mar 30 02:38:59 XXXXX xapi: 20220330T00:38:59.214Z|audit||8715 HTTP 10.1.XX.XX-:::80|VDI.setonboot R:780016cf9118|audit 'trackid=39b4363b70f699b0ab419280ab8b4fe2' 'S-1-XXXX-XX-XX-8' 'XX\\XXXXX' 'ALLOWED' 'ERROR:NOTSUPPORTEDDURINGUPGRADE :...

Servicing stack update for Windows 10, version 1507: April 10, 2018

Servicing stack update for Windows 10, version 1507: April 10, 2018 Summary This update makes stability improvements for the Windows 10, version 1507 servicing stack. How to get this update Method 1: Windows Update This update will be downloaded and installed automatically. Method 2: Microsoft...

Error: “Preparation of the Master VM Image failed” When UPDATING a Catalog

NOTE : This article contains information about UPDATING a CatalogONLY. For information on CREATING a Catalog see: CTX140734 Updating a catalog might fail during Image Preparation because of many reasons. In order to identify what caused the failure we need to collect preparation Image logs...