Citrix warns admins to immediately patch NetScaler for actively exploited zero-days Pierluigi Paganini January 17, 2024 Citrix fixed two actively exploited zero-day vulnerabilities impacting Netscaler ADC and Gateway appliances. Citrix warns customers to install security updates to address two actively exploited zero-day vulnerabilities, tracked as CVE-2023-6548 and CVE-2023-6549, impacting Netscaler ADC and Gateway appliances. “Exploits […]
Jan 17, 2024NewsroomVulnerability / Cyber Threat Citrix is warning of two zero-day security vulnerabilities in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway) that are being actively exploited in the wild. The flaws are listed below – CVE-2023-6548 (CVSS score: 5.5) – Authenticated (low privileged) remote code execution on Management Interface (requires […]
U.S. authorities are struggling to contain a critical vulnerability in Citrix Netscaler Application Delivery Controller and Netscaler Gateway, widely used networking appliances that help companies enable secure remote access. Thousands of organizations worldwide use the technology, and researchers have seen attacks targeting a wide range of industries, including financial services companies, defense contractors, law firms, […]
Citrix pushed for customers to upgrade to the latest versions of NetScaler ADC and NetScaler Gateway on Monday, after learning about incidents consistent with session hijacking and credible reports of targeted attacks against a critical vulnerability. Citrix released patches to address the vulnerability, CVE-2023-4966, on Oct. 10, and warned that exploitation of the flaw can […]
A credential harvesting campaign is targeting Citrix NetScaler gateways that have not been patched against a recent vulnerability, IBM reports. Tracked as CVE-2023-3519 (CVSS score of 9.8), the vulnerability was disclosed in July, but had been exploited since June 2023, with some of the attacks targeting critical infrastructure organizations. By mid-August, threat actors exploited this […]