HoundER Blog

Latest Citrix ADC and Gateway Vulnerability Being Actively Exploited in the Wild

Citrix has alerted users to a critical security vulnerability in NetScaler Application Delivery Controller (ADC) and Gateway. According to the company, the flaw is being actively exploited in the wild. Tracked as CVE-2023-3519 (CVSS score: 9.8), it is a code injection issue that may lead to unauthenticated remote code execution. The following versions of the software are affected:
  • NetScaler ADC and NetScaler Gateway 13.1 before 13.1-49.13
  • NetScaler ADC and NetScaler Gateway 13.0 before 13.0-91.13
  • NetScaler ADC and NetScaler Gateway version 12.1 (currently end-of-life)
  • NetScaler ADC 13.1-FIPS before 13.1-37.159
  • NetScaler ADC 12.1-FIPS before 12.1-55.297, and
  • NetScaler ADC 12.1-NDcPP before 12.1-55.297
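
The list above can be turned into an inventory check. The following is an added example, not code from Citrix or HoundER: it compares build numbers numerically against the first fixed build of each branch. The function names, the edition labels and the sample inventory are assumptions made for illustration.

```python
import re

# First fixed build per (release, edition), from the affected-version list above.
# None marks the end-of-life 12.1 branch: every build is treated as affected.
FIXED = {
    ("13.1", "standard"): (49, 13),
    ("13.0", "standard"): (91, 13),
    ("12.1", "standard"): None,
    ("13.1", "fips"): (37, 159),
    ("12.1", "fips"): (55, 297),
    ("12.1", "ndcpp"): (55, 297),
}

# Version strings in the notation used on this page: <release>-<build>, e.g. "13.1-49.13"
_VERSION = re.compile(r"^(\d+\.\d+)-(\d+)\.(\d+)$")


def triage(version, edition="standard"):
    """Return 'affected', 'fixed' or 'unknown' for one appliance."""
    m = _VERSION.match(version.strip())
    if not m:
        return "unknown"
    release = m.group(1)
    build = (int(m.group(2)), int(m.group(3)))
    key = (release, edition.lower())
    if key not in FIXED:
        return "unknown"  # branch or edition not covered by the list on this page
    fixed = FIXED[key]
    if fixed is None:
        return "affected"
    # Integer tuples, not strings: "9.60" sorts after "49.13" as text but is older.
    return "affected" if build < fixed else "fixed"


def triage_inventory(rows):
    """Map each hostname to its triage result."""
    return {host: triage(version, edition) for host, version, edition in rows}


# Constructed sample inventory (hostnames and builds are made up for the example).
INVENTORY = [
    ("gw-01.example.internal", "13.1-9.60", "standard"),
    ("gw-02.example.internal", "13.0-91.13", "standard"),
    ("adc-legacy.example.internal", "12.1-65.35", "standard"),
    ("adc-fips.example.internal", "12.1-55.296", "fips"),
]

if __name__ == "__main__":
    for host, status in triage_inventory(INVENTORY).items():
        print(f"{host}: {status}")
```

An "unknown" result means the version string or branch is outside the list on this page and needs manual review against the vendor bulletin.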

Also addressed alongside CVE-2023-3519 are two other bugs:
  • CVE-2023-3466 (CVSS score: 8.3) - An improper input validation vulnerability resulting in a reflected cross-site scripting (XSS) attack
  • CVE-2023-3467 (CVSS score: 8.0) - An improper privilege management vulnerability resulting in privilege escalation to the root administrator (nsroot)

CISA has added this new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.

These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. According to HoundER's intelligence, over 15,000 Citrix IPs worldwide were identified as vulnerable to CVE-2023-3519.

HoundER Attack Surface Management can play a crucial role in helping organizations identify and prioritize vulnerabilities, making their vulnerability management program more effective against risks such as the critical security flaw in NetScaler Application Delivery Controller (ADC) and Gateway.

By leveraging HoundER's capabilities, organizations can enhance their overall security posture and respond more effectively to risks like the NetScaler ADC and Gateway vulnerability. The combination of attack surface discovery, vulnerability identification, risk prioritization, and real-time monitoring empowers organizations to stay proactive in the face of emerging threats, ensuring a more robust and resilient security posture.