Pierluigi Paganini
July 19, 2023
Citrix is warning customers of a critical vulnerability, tracked as CVE-2023-3519 (CVSS score: 9.8), in NetScaler Application Delivery Controller (ADC) and Gateway that is being actively exploited in the wild.
The vulnerability, tracked as CVE-2023-3519 (CVSS score: 9.8), is a code injection that could result in unauthenticated remote code execution. The IT giant warns of the availability of exploits for this vulnerability that have been observed in attacks against unmitigated appliances. The company added that successful exploitation requires that the appliance is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server
“Exploits of CVE-2023-3519 on unmitigated appliances have been observed. Cloud Software Group strongly urges affected customers of NetScaler ADC and NetScaler Gateway to install the relevant updated versions as soon as possible.” reads the report published by Citrix.
The Citrix Cloud Software Group is strongly urging affected customers to install the relevant updated versions as soon as possible.
Below is the list of the impacted versions:
The advisory states that NetScaler ADC and NetScaler Gateway version 12.1 is now End Of Life (EOL). Customers are recommended to upgrade their appliances to one of the supported versions that address the vulnerability.
Citrix has yet to reveal technical details on the attacks.
The company also addressed a Reflected Cross-Site Scripting (XSS) vulnerability tracked as CVE-2023-3466 (CVSS score: 8.3) and a Privilege Escalation to root administrator (nsroot) vulnerability tracked as CVE-2023-3467 (CVSS score: 8.0).
The issues were discovered by Wouter Rijkbost and Jorren Geurts of Resillion.
The company addressed al the issues with the release of the following versions:
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, Citrix)
