Security News > 2023 > July > Citrix NetScaler zero-day exploited in the wild, patch is available (CVE-2023-3519)

Citrix NetScaler zero-day exploited in the wild, patch is available (CVE-2023-3519)
2023-07-19 09:30

Citrix has patched three vulnerabilities in NetScaler ADC and NetScaler Gateway, one of which is a zero-day being exploited by attackers.

In early 2022, the company reported the exploitation of a RCE vulnerability in its Citrix ADC deployments by a Chinese state-sponsored group.

Earlier this year, ransomware threat actors also exploited an auth bypass flaw on Citrix ADC and Gateway.

NetScaler ADC and NetScaler Gateway version 12.1 have reached end-of-life, meaning they are now vulnerable and should be updated to a supported version as soon as possible.

"This bulletin only applies to customer-managed NetScaler ADC and NetScaler Gateway. Customers using Citrix-managed cloud services or Citrix-managed Adaptive Authentication do not need to take any action," Citrix added.

There is a document containing indicators of compromise and "Mentioning a PHP webshell, a SetUID binary and an IP" that enterprise admins can use to check whether their Citrix systems have been compromised, but it has yet to be made publicly available.


News URL

https://www.helpnetsecurity.com/2023/07/19/cve-2023-3519/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Citrix 66 2 64 101 46 213