Citrix Archives - Security Affairs

Pierluigi Paganini June 26, 2025

CitrixBleed 2: The nightmare that echoes the ‘CitrixBleed’ flaw in Citrix NetScaler devices

New Citrix flaw ‘CitrixBleed 2’ lets attackers steal session cookies without logging in, echoing a previously exploited vulnerability. A new flaw in Citrix NetScaler ADC and Gateway, dubbed ‘CitrixBleed 2‘ (CVE-2025-5777, CVSS v4.0 Base Score of 9.3), can allow unauthenticated attackers to steal session cookies, similar to a past critical exploit. The vulnerability is an […]

Pierluigi Paganini February 20, 2025

Citrix addressed NetScaler console privilege escalation flaw

Citrix addressed a high-severity privilege escalation vulnerability impacting NetScaler Console and NetScaler Agent under certain conditions. Citrix released security updates to address a high-severity security vulnerability, tracked as CVE-2024-12284 (CVSS score of 8.8) impacting NetScaler Console (formerly NetScaler ADM) and NetScaler Agent. The vulnerability is an improper privilege management that could allow attackers to escalate privileges […]

Pierluigi Paganini July 10, 2024

Citrix fixed critical and high-severity bugs in NetScaler product

IT giant Citrix addressed multiple vulnerabilities, including critical and high-severity issues in its NetScaler product. Citrix released security updates to address critical and high-severity issues in its NetScaler product. The most severe issue is an improper authorization flaw, tracked as CVE-2024-6235 (CVSS score of 9.4). An attacker with access to the NetScaler Console IP can […]

Pierluigi Paganini May 10, 2024

Citrix warns customers to update PuTTY version installed on their XenCenter system manually

Citrix urges customers to manually address a PuTTY SSH client flaw that could allow attackers to steal a XenCenter admin’s private SSH key. Versions of XenCenter for Citrix Hypervisor 8.2 CU1 LTSR used PuTTY, a third-party component, for SSH connections to guest VMs. However, PuTTY inclusion was deprecated with XenCenter version 8.2.6, and any versions […]

Pierluigi Paganini January 18, 2024

CISA adds Chrome and Citrix NetScaler to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Chrome and Citrix flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. This week Citrix warned customers to install security updates to address two actively exploited zero-day vulnerabilities, tracked as CVE-2023-6548 and CVE-2023-6549, […]

Pierluigi Paganini January 17, 2024

Citrix warns admins to immediately patch NetScaler for actively exploited zero-days

Citrix fixed two actively exploited zero-day vulnerabilities impacting Netscaler ADC and Gateway appliances. Citrix warns customers to install security updates to address two actively exploited zero-day vulnerabilities, tracked as CVE-2023-6548 and CVE-2023-6549, impacting Netscaler ADC and Gateway appliances. “Exploits of these CVEs on unmitigated appliances have been observed. Cloud Software Group strongly urges affected customers […]

Pierluigi Paganini December 19, 2023

Comcast’s Xfinity customer data exposed after CitrixBleed attack

Comcast’s Xfinity discloses a data breach after a cyber attack hit the company by exploiting the CitrixBleed vulnerability. Comcast’s Xfinity is notifying its customers about the compromise of their data in a cyberattack that involved the exploitation of the CitrixBleed flaw. CitrixBleed is a critical vulnerability, tracked as CVE-2023-4966, in Citrix NetScaler ADC (Application Delivery […]

Pierluigi Paganini October 18, 2023

Threat actors have been exploiting CVE-2023-4966 in Citrix NetScaler ADC/Gateway devices since August

Experts reported that the vulnerability CVE-2023-4966 in Citrix NetScaler ADC/Gateway devices has been exploited in attacks since late August. On October 10, Citrix published a security bulletin related to a critical vulnerability, tracked as CVE-2023-4966, in Citrix NetScaler ADC/Gateway devices. “Exploits of CVE-2023-4966 on unmitigated appliances have been observed.” reported Citrix. “Cloud Software Group strongly urges customers of […]

Pierluigi Paganini August 02, 2023

Hackers already installed web shells on 581 Citrix servers in CVE-2023-3519 attacks

Researchers warn that hundreds of Citrix servers have been hacked in an ongoing campaign exploiting the RCE CVE-2023-3519. Security researchers from the non-profit organization Shadowserver Foundation reported that hundreds of Citrix Netscaler ADC and Gateway servers have already been compromised as part of an ongoing campaign exploiting the critical remote code execution (RCE) vulnerability CVE-2023-3519. […]

Pierluigi Paganini July 31, 2023

Experts warn attackers started exploiting Citrix ShareFile RCE flaw CVE-2023-24489

Researchers warn that threat actors started exploiting Citrix ShareFile RCE vulnerability CVE-2023-24489 in the wild. Citrix ShareFile is a widely used cloud-based file-sharing application, which is affected by the critical remote code execution (RCE) tracked as CVE-2023-24489 (CVSS score of 9.1). The flaw impacts the customer-managed ShareFile storage zones controller, an unauthenticated, remote attacker can […]

Citrix

CitrixBleed 2: The nightmare that echoes the ‘CitrixBleed’ flaw in Citrix NetScaler devices

Citrix addressed NetScaler console privilege escalation flaw

Citrix fixed critical and high-severity bugs in NetScaler product

Citrix warns customers to update PuTTY version installed on their XenCenter system manually

CISA adds Chrome and Citrix NetScaler to its Known Exploited Vulnerabilities catalog

Citrix warns admins to immediately patch NetScaler for actively exploited zero-days

Comcast’s Xfinity customer data exposed after CitrixBleed attack

Threat actors have been exploiting CVE-2023-4966 in Citrix NetScaler ADC/Gateway devices since August

Hackers already installed web shells on 581 Citrix servers in CVE-2023-3519 attacks

Experts warn attackers started exploiting Citrix ShareFile RCE flaw CVE-2023-24489

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Seychelles Commercial Bank Reported Cybersecurity Incident

Microsoft uncovers macOS flaw allowing bypass TCC protections and exposing sensitive data

U.S. CISA adds Cisco ISE and PaperCut NG/MF flaws to its Known Exploited Vulnerabilities catalog

Critical WordPress Post SMTP plugin flaw exposes 200K+ sites to full takeover

Scattered Spider targets VMware ESXi in using social engineering

QUICK LINKS

Citrix

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!