Security News > 2023 > November > Hackers use Citrix Bleed flaw in attacks on govt networks worldwide

Hackers use Citrix Bleed flaw in attacks on govt networks worldwide
2023-11-01 18:46

Researchers from Mandiant report that four ongoing campaigns target vulnerable Citrix NetScaler ADC and Gateway appliances, with attacks underway since late August 2023.

The Citrix Bleed CVE-2023-4966 vulnerability was disclosed on October 10 as a critical severity flaw impacting Citrix NetScaler ADC and NetScaler Gateway, allowing access to sensitive information on the devices.

New critical Citrix NetScaler flaw exposes 'sensitive' data.

Citrix Bleed exploit lets hackers hijack NetScaler accounts.

Hackers hijack Citrix NetScaler login pages to steal credentials.

Hackers exploit recent F5 BIG-IP flaws in stealthy attacks.


News URL

https://www.bleepingcomputer.com/news/security/hackers-use-citrix-bleed-flaw-in-attacks-on-govt-networks-worldwide/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2023-10-10 CVE-2023-4966 Unspecified vulnerability in Citrix products
Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA ?virtual?server. 
network
low complexity
citrix
7.5

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Citrix 116 19 175 79 65 338