Summary:
On July 18, 2023, Citrix disclosed multiple vulnerabilities (CVE-2023-3519, CVE-2023-3466, CVE-2023-3467) that impact NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway). Only customer-managed platforms are affected.
CVE-2023-3519 is under active exploitation and may lead to unauthenticated remote code execution. Secureworks(R) Counter Threat Unit(TM) intelligence indicates exploitation may have been occurring since at least July 3. CVE-2023-3466 is a reflected cross-site scripting vulnerability, and CVE-2023-3467 provides privilege escalation to root administrator (nsroot).
Recommended actions:
Our Security Partner (Secureworks Counter Threat Unit) researchers recommend that customers review the Citrix bulletin and upgrade vulnerable versions as appropriate in their environments.
Questions:
If you have any questions or concerns about this advisory, please contact us via our support desk – support@empsn.org.uk