Security News > 2024 > January > CISA pushes federal agencies to patch Citrix RCE within a week

CISA pushes federal agencies to patch Citrix RCE within a week
2024-01-17 18:31

Today, CISA ordered U.S. federal agencies to secure their systems against three recently patched Citrix NetScaler and Google Chrome zero-days actively exploited in attacks, pushing for a Citrix RCE bug to be patched within a week.

Citrix urged customers on Tuesday to immediately patch Internet-exposed Netscaler ADC and Gateway appliances against the CVE-2023-6548 code injection vulnerability and the CVE-2023-6549 buffer overflow impacting the Netscaler management interface that could be exploited for remote code execution and denial-of-service attacks, respectively.

After their inclusion in CISA's KEV list, U.S. Federal Civilian Executive Branch Agencies must patch devices vulnerable devices on their networks within a specific timetable, as mandated by a binding operational directive issued three years ago.

Out of the three now-patched zero-days, the cybersecurity agency wants the CVE-2023-6548 vulnerability impacting NetScaler ADC and Gateway management interfaces to be patched within a week by next Wednesday, January 24.

Although CISA did not explain the expedited CVE-2023-6548 patch process, Citrix's warning that customers should secure vulnerable appliances as soon as possible and the bug's management interface impact likely played a significant role.

Even though BOD 22-01 applies only to U.S. federal agencies, CISA urged all organizations to prioritize patching these security flaws as soon as possible.


News URL

https://www.bleepingcomputer.com/news/security/cisa-pushes-federal-agencies-to-patch-citrix-rce-within-a-week/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2024-01-17 CVE-2023-6549 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Citrix products
Improper Restriction of Operations within the Bounds of a Memory Buffer in NetScaler ADC and NetScaler Gateway allows Unauthenticated Denial of Service and Out-Of-Bounds Memory Read
network
low complexity
citrix CWE-119
7.5
2024-01-17 CVE-2023-6548 Code Injection vulnerability in Citrix products
Improper Control of Generation of Code ('Code Injection') in NetScaler ADC and NetScaler Gateway allows an attacker with access to NSIP, CLIP or SNIP with management interface to perform Authenticated (low privileged) remote code execution on Management Interface.
network
low complexity
citrix CWE-94
8.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Citrix 66 2 64 101 46 213