Citrix has warned about a critical security vulnerability in its NetScaler Application Delivery Controller (ADC) and Gateway products. The flaw, tracked as CVE-2023-3519 and rated 9.8 on the CVSS scale, is being actively exploited in the wild by malicious actors, according to Citrix.
The nature of the vulnerability is related to code injection, which could allow unauthorized individuals to execute remote code on the affected devices.
However, Citrix has not disclosed further technical details of the flaw, except that exploitation has been observed on unmitigated appliances. The affected versions are:
- NetScaler ADC and NetScaler Gateway 13.1 before 13.1-49.13
- NetScaler ADC and NetScaler Gateway 13.0 before 13.0-91.13
- NetScaler ADC and NetScaler Gateway version 12.1 (currently end-of-life)
- NetScaler ADC 13.1-FIPS before 13.1-37.159
- NetScaler ADC 12.1-FIPS before 12.1-55.297, and
- NetScaler ADC 12.1-NDcPP before 12.1-55.297
Prerequisites for exploitation
For the vulnerability to be exploitable, the appliance must be configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or as an authentication, authorization and accounting (AAA) virtual server.
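As an added example (not from Citrix or the original article), the following Python helper turns the affected-version list and the Gateway/AAA prerequisite above into a fleet-assessment check. It assumes version strings in the "TRAIN-BUILD.SUB" form the bulletin itself uses (e.g. "13.1-48.47"), with the FIPS/NDcPP variant passed separately, and it shows why builds must be compared numerically and per variant (a 13.1-FIPS 37.159 build is patched while a standard 13.1 build at 37.x is not).

```python
import re
from typing import Optional, Tuple

# Affected builds for CVE-2023-3519 as listed in the Citrix bulletin quoted above.
# Key: (release train, variant) -> first fixed build; None = every build affected (12.1 is end-of-life).
FIRST_FIXED = {
    ("13.1", None): "13.1-49.13",
    ("13.0", None): "13.0-91.13",
    ("12.1", None): None,
    ("13.1", "FIPS"): "13.1-37.159",
    ("12.1", "FIPS"): "12.1-55.297",
    ("12.1", "NDcPP"): "12.1-55.297",
}

_VERSION_RE = re.compile(r"^(\d+\.\d+)-(\d+)\.(\d+)$")


def parse_build(version: str) -> Tuple[str, Tuple[int, int]]:
    """Split 'TRAIN-BUILD.SUB' (e.g. '13.1-48.47') into ('13.1', (48, 47)).

    Build numbers are compared numerically, not as strings:
    '13.1-9.99' is older than '13.1-49.13' even though '9' > '4' lexically.
    """
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised NetScaler version string: {version!r}")
    train, build, sub = m.groups()
    return train, (int(build), int(sub))


def assess(version: str, variant: Optional[str] = None, gateway_or_aaa: bool = True) -> str:
    """Classify one appliance against the bulletin.

    variant: None for standard ADC/Gateway builds, 'FIPS' or 'NDcPP' for those builds.
    gateway_or_aaa: True if any Gateway (VPN, ICA Proxy, CVPN, RDP Proxy) or AAA
        virtual server is configured, which is the exploitation prerequisite named above.
    Returns 'vulnerable', 'affected-not-exposed', 'patched' or 'unknown-train'.
    """
    train, build = parse_build(version)
    key = (train, variant)
    if key not in FIRST_FIXED:
        return "unknown-train"  # release train not covered by the bulletin (assumption: not affected)
    fixed = FIRST_FIXED[key]
    if fixed is not None:
        _, fixed_build = parse_build(fixed)
        if build >= fixed_build:
            return "patched"
    # Affected build: exploitation still requires a Gateway or AAA virtual server.
    return "vulnerable" if gateway_or_aaa else "affected-not-exposed"
```

An "affected-not-exposed" appliance still needs the upgrade; the prerequisite only lowers the immediate urgency, and adding a Gateway or AAA vserver later would make it exploitable.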
In addition to CVE-2023-3519, Citrix also addressed two other bugs:
- CVE-2023-3466 (CVSS score: 8.3): This vulnerability involves improper input validation, which could lead to a reflected cross-site scripting (XSS) attack.
- CVE-2023-3467 (CVSS score: 8.0): This flaw is related to improper privilege management, potentially enabling privilege escalation to the root administrator.
Citrix has released patches to fix these security issues in various versions of NetScaler ADC and NetScaler Gateway.
What must you do?
Upgrade affected appliances to a patched version to mitigate the risk. Staying aware of flaws in security infrastructure helps organisations avoid zero-day attacks, which damage a business's reputation in the long run.