NetScaler ADC and NetScaler Gateway 13.0 before 13.0-91.13.NetScaler ADC and NetScaler Gateway 13.1 before 13.1-49.13.The following supported versions of NetScaler ADC and NetScaler Gateway are affected by the vulnerabilities: The security bulletin by Citrix about this vulnerability includes two more vulnerabilities. Cloud Software Group strongly urges affected customers of NetScaler ADC and NetScaler Gateway to install the relevant updated versions as soon as possible.” Reportedly, there are around 38,000 Citrix Gateway appliances exposed to the public Internet and exploits against Citrix ADC have been discussed, including the sale of a Remote Code Execution (RCE) exploit, on a cybercrime forum.Ĭitrix acknowledges the urgency by stating: “Exploits of CVE-2023-3519 on unmitigated appliances have been observed. What we do know is that the criminals use web shells-a script that can be used by an attacker to run remote commands and maintain persistent access on an already compromised system. CISA has released a cybersecurity advisory about the tactics, techniques, and procedures (TTPs) of the currently active campaign. Little information has been made available about the campaign that is exploiting this vulnerability. It affects appliances configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or as an authentication, authorization and accounting (AAA) virtual server. The vulnerability can lead to unauthenticated RCE. The actively exploited CVE patched in this update is CVE-2023-3519 a Citrix NetScaler ADC and NetScaler Gateway code injection vulnerability with a CVSS score of 9.8 out of 10. The Common Vulnerabilities and Exposures (CVE) database lists publicly disclosed computer security flaws. Given the active exploitation, we would advise to do this as soon as possible. The recommended actions are to apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. We urge everyone else to take it seriously too. This means that Federal Civilian Executive Branch (FCEB) agencies need to remediate this vulnerability by Augto protect their networks against active threats. The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical unauthenticated remote code execution (RCE) vulnerability in Citrix NetScaler ADC and Citrix NetScaler Gateway to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |