Security News > 2023 > August > New CVE-2023-3519 scanner detects hacked Citrix ADC, Gateway devices

New CVE-2023-3519 scanner detects hacked Citrix ADC, Gateway devices
2023-08-15 15:32

Mandiant has released a scanner to check if a Citrix NetScaler Application Delivery Controller or NetScaler Gateway Appliance was compromised in widespread attacks exploiting the CVE-2023-3519 vulnerability.

The critical CVE-2023-3519 Citrix flaw was discovered in mid-July 2023 as a zero-day, with hackers actively exploiting it to execute code remotely without authentication on vulnerable devices.

Today, Mandiant released a scanner that enables organizations to examine their Citrix ADC and Citrix Gateway devices for signs of compromise and post-exploitation activity.

If it detects that the device was compromised, the scanner will display a detailed report listing the various indicators of compromise that were detected.

The scanner was designed to be used with Citrix ADC and Citrix Gateway versions 12.0, 12.1, 13.0, and 13.1.

New critical Citrix ADC and Gateway flaw exploited as zero-day.


News URL

https://www.bleepingcomputer.com/news/security/new-cve-2023-3519-scanner-detects-hacked-citrix-adc-gateway-devices/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2023-07-19 CVE-2023-3519 Code Injection vulnerability in Citrix products
Unauthenticated remote code execution
network
low complexity
citrix CWE-94
critical
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Citrix 116 19 175 79 65 338