Security News > 2024 > January > CISA pushes federal agencies to patch Citrix RCE within a week
Today, CISA ordered U.S. federal agencies to secure their systems against three recently patched Citrix NetScaler and Google Chrome zero-days actively exploited in attacks, pushing for a Citrix RCE bug to be patched within a week.
Citrix urged customers on Tuesday to immediately patch Internet-exposed Netscaler ADC and Gateway appliances against the CVE-2023-6548 code injection vulnerability and the CVE-2023-6549 buffer overflow impacting the Netscaler management interface that could be exploited for remote code execution and denial-of-service attacks, respectively.
After their inclusion in CISA's KEV list, U.S. Federal Civilian Executive Branch Agencies must patch devices vulnerable devices on their networks within a specific timetable, as mandated by a binding operational directive issued three years ago.
Out of the three now-patched zero-days, the cybersecurity agency wants the CVE-2023-6548 vulnerability impacting NetScaler ADC and Gateway management interfaces to be patched within a week by next Wednesday, January 24.
Although CISA did not explain the expedited CVE-2023-6548 patch process, Citrix's warning that customers should secure vulnerable appliances as soon as possible and the bug's management interface impact likely played a significant role.
Even though BOD 22-01 applies only to U.S. federal agencies, CISA urged all organizations to prioritize patching these security flaws as soon as possible.
News URL
Related news
- 'Patch yesterday': Zimbra mail servers under siege through RCE vuln (source)
- CISA: Network switch RCE flaw impacts critical infrastructure (source)
- Ivanti Endpoint Manager Flaw Actively Targeted, CISA Warns Agencies to Patch (source)
- Week in review: Critical Zimbra RCE vulnerability exploited, Patch Tuesday forecast (source)
- CISA says critical Fortinet RCE flaw now exploited in attacks (source)
- VMware fixes bad patch for critical vCenter Server RCE flaw (source)
- Microsoft SharePoint RCE flaw exploits in the wild – you've had 3 months to patch (source)
- Synology Urges Patch for Critical Zero-Click RCE Flaw Affecting Millions of NAS Devices (source)
- New Flaws in Citrix Virtual Apps Enable RCE Attacks via MSMQ Misconfiguration (source)
- CISA Flags Two Actively Exploited Palo Alto Flaws; New RCE Attack Confirmed (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-17 | CVE-2023-6549 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Citrix products Improper Restriction of Operations within the Bounds of a Memory Buffer in NetScaler ADC and NetScaler Gateway allows Unauthenticated Denial of Service and Out-Of-Bounds Memory Read | 7.5 |
| 2024-01-17 | CVE-2023-6548 | Code Injection vulnerability in Citrix products Improper Control of Generation of Code ('Code Injection') in NetScaler ADC and NetScaler Gateway allows an attacker with access to NSIP, CLIP or SNIP with management interface to perform Authenticated (low privileged) remote code execution on Management Interface. | 8.8 |