Security advisories

NetScaler ADC and Gateway Zero-Day Vulnerability

July 18, 2023 | 1 MIN READ

Speak With A Security Expert Now

TALK TO AN EXPERT

THE THREAT

On July 18, 2023, Citrix disclosed three vulnerabilities impacting NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway), one of which is confirmed to be exploited in the wild, prior to the release of security patches. The zero-day vulnerability, tracked as CVE-2023-3519 (CVSS: 9.8), may be exploited by a remote and unauthenticated threat actor to achieve code execution. Citrix has not released any details relating to the current exploitation activity targeting NetScaler ADC and Gateway.

As exploitation has been confirmed in the wild, eSentire strongly encourages organizations using Citrix products to update to the most current version as soon as possible.

What we're doing about it

What you should do about it

Additional information

While details surrounding CVE-2023-3519 are still minimal, it should be noted, that for successful exploitation of the vulnerability, a vulnerable device must be configured as a Gateway or AAA virtual server. Citrix servers are not configured as Gateways or AAA virtual servers by default. The eSentire Threat Intelligence team will continue to track this vulnerability going forward.

The two other vulnerabilities, disclosed by Citrix in this release, are rated as high severity but have not been exploited in real-world attacks at this time.

Impacted Citrix Products:

NetScaler Gateway and NetScaler ADC version 12.1 is out of support and will not receive any additional updates. Organizations using version 12.1 are strongly recommended to update to a supported version as soon as possible.

References:

[1] https://support.citrix.com/article/CTX561482/citrix-adc-and-citrix-gateway-security-bulletin-for-cve20233519-cve20233466-cve20233467

View Most Recent Advisories