Critical Vulnerability Detected in Citrix NetScaler Devices Could Expose Sensitive Information
October 10, 2023
A critical vulnerability has been discovered in Citrix's NetScaler ADC and NetScaler Gateway devices, which could lead to the exposure of sensitive data. The vulnerability, designated as CVE-2023-4966, has been assigned a CVSS score of 9.4, indicating its high severity. The flaw can be exploited remotely, without the need for high-level privileges, user interaction, or complex procedures. However, the vulnerability only affects appliances that are configured as a Gateway or an AAA virtual server.
The exact nature of the 'sensitive information' that could be exposed due to this flaw has not been detailed by the vendor. In addition to CVE-2023-4966, another vulnerability, CVE-2023-4967, was disclosed, which also requires the same prerequisites for exploitation. This high-severity flaw, with a CVSS score of 8.2, could potentially cause a Denial of Service (DoS) on vulnerable devices.
Citrix has advised users of the affected versions of NetScaler ADC and NetScaler Gateway to upgrade to a fixed version that includes security updates addressing these flaws. No mitigation strategies or workarounds have been suggested by Citrix at this time. In a security bulletin, Citrix stated, '"Cloud Software Group strongly urges affected customers of NetScaler ADC and NetScaler Gateway to install the relevant updated versions of NetScaler ADC and NetScaler Gateway as soon as possible."
It should be noted that version 12.1 has reached its end of life (EOL) and will no longer be supported by Citrix. Therefore, users are advised to upgrade to a newer, actively supported release.
Citrix products, particularly those with critical-severity flaws, are attractive targets for hackers, as these devices are often used by large organizations with valuable assets. A recent instance of such exploitation was CVE-2023-3519, a critical remote code execution flaw that Citrix fixed as a zero-day in July 2023. This flaw is currently being actively exploited by several cybercriminals who are using the available exploits for planting backdoors and stealing credentials.
Get a digest of headlines, vulnerabilities, risk context, and more delivered to your inbox.
By submitting this form, you’re giving us permission to email you. You may unsubscribe at any time.
Accelerate Security Teams
Continuously identify and prioritize the risks that are most critical in your environment, and validate that your remediation efforts are reducing risk. An always-on single source-of-truth of your assets, services, and vulnerabilities.