Security News > 2023 > July > Netscaler ADC bug exploited to breach US critical infrastructure org
The US government is warning that threat actors breached the network of a U.S. organization in the critical infrastructure sector after exploiting a zero-day RCE vulnerability currently identified as CVE-2023-3519, a critical-severity issue in NetScaler ADC and Gateway that Citrix patched this week.
Because the targeted NetScaler ADC appliance was in a segregated environment on the network, the hackers were not able to move laterally to a domain controller, CISA says.
NetScaler configuration files that contain an encrypted password whose key is on the ADC appliance.
An initial assessment from The Shadowserver Foundation, a non-profit organization for making the internet more secure, saw that CVE-2023-3519 was likely affecting more than 11,000 NetScaler ADC and Gateway servers exposed online.
New critical Citrix ADC and Gateway flaw exploited as zero-day.
VMware warns of exploit available for critical vRealize RCE bug.
News URL
Related news
- US charges Chinese hackers linked to critical infrastructure breaches (source)
- US drug testing firm says data breach impacted 3.3 million people (source)
- US drug testing firm DISA says data breach impacts 3.3 million people (source)
- CISA: Medusa ransomware hit over 300 critical infrastructure orgs (source)
- UAT-5918 Targets Taiwan's Critical Infrastructure Using Web Shells and Open-Source Tools (source)
- Oracle Health breach compromises patient data at US hospitals (source)
- China reportedly admitted directing cyberattacks on US infrastructure (source)
- Hertz data breach: Customers in US, EU, UK, Australia and Canada affected (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-19 | CVE-2023-3519 | Code Injection vulnerability in Citrix products Unauthenticated remote code execution | 9.8 |