Citrix Discovers Critical Security Flaw in NetScaler ADC and Gateway
Citrix has recently identified a critical security vulnerability in its NetScaler Application Delivery Controller (ADC) and Gateway platforms. This flaw, known as CVE-2023-3519, is currently being actively exploited in the wild. It involves code injection, which may lead to unauthenticated remote code execution. The affected versions include NetScaler ADC and NetScaler Gateway 13.1.
Citrix has reported a critical security flaw in its NetScaler ADC and Gateway software. The vulnerability, tracked as CVE-2023-3519, is currently being exploited in the wild. Code injection is the method used to take advantage of this flaw, potentially allowing attackers to execute unauthenticated remote code.
The impacted versions are NetScaler ADC and NetScaler Gateway 13.1. Users of these versions are encouraged to take immediate action to protect their systems.
If left unpatched, this vulnerability could have serious consequences for affected systems. Attackers could exploit the flaw to inject malicious code remotely, leading to unauthorized access and potential data breaches. The severity of this vulnerability is reflected in its CVSS score of 9.8 out of 10.
To safeguard against potential attacks exploiting this vulnerability, Citrix recommends that users update to the latest versions of NetScaler ADC and NetScaler Gateway. These updates include fixes to address the code injection vulnerability and prevent any potential remote code execution. Immediate action is crucial to ensure the security of your systems.
Citrix has discovered a critical security flaw in NetScaler ADC and Gateway, dubbed CVE-2023-3519, that is currently being exploited. The flaw involves code injection, allowing attackers to execute unauthenticated remote code. This vulnerability affects NetScaler ADC and NetScaler Gateway 13.1 versions. It is important for users to update their systems to the latest versions to mitigate the risk of unauthorized access and data breaches.Original Article: https://thehackernews.com/2023/07/zero-day-attacks-exploited-critical.html