Citrix has disclosed highly critical vulnerabilities in NetScaler Gateway and NetScaler ADC. The Dutch Ministry of Economic Affairs’ Digital Trust Center advises users to implement these patches as soon as possible.
Citrix has released patches for the vulnerabilities in question. Both vulnerabilities allow hackers to steal sensitive information or perform DNS attacks. CVE-2023-4966, the more critical of the two, has been actively exploited since August and can cause extensive damage. It allows unauthorized hackers to take over user sessions and then perform further actions on affected systems with the privileges gained in the process.
NetScaler ADC and NetScaler Gateway have been under fire from hackers for some time. Since last year, new vulnerabilities have surfaced regularly and have been fixed, often in haste. Recently, IBM X-Force reported that hackers are massively exploiting CVE-2023-3519, a vulnerability in Citrix NetScaler gateways discovered last month.
The Citrix NetScaler ADC and NetScaler Gateway releases affected by the vulnerability are: NetScaler ADC and NetScaler Gateway 14.1 up to version 14.1-8.50; NetScaler ADC and NetScaler Gateway 13.1 up to version 13.1-49.15; NetScaler ADC and NetScaler Gateway 13.0 up to version 13.0-92.19; NetScaler ADC 13.1-FIPS up to version 13.1-37.164; NetScaler ADC 12.1-FIPS up to version 12.1-55.300; and NetScaler ADC 12.1-NDcPP up to version 12.1-55.300.
Citrix NetScaler ADC and Gateway version 12.1 are end-of-life and will not receive a security update. Users of this version should upgrade to a newer version soon.
Users of Citrix-managed cloud services or the Citrix Adaptive Automation managed service are unaffected by CVE-2023-4966.
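To turn the affected-version list above into a repeatable check, the following added example (not Citrix's or the DTC's code) compares the build shown in a NetScaler `show version` banner against the fixed builds named in the article. It assumes that each listed version is the first fixed build for its release line (as Citrix's own advisory phrases it), that the banner follows the `NetScaler NS13.1: Build 49.13.nc` format, and that the operator supplies whether the appliance is a FIPS or NDcPP build, since the banner alone does not say; the sample banners are constructed.

```python
import re

# Release line -> (first fixed build major, minor), taken from the article.
# Assumption: the listed version is the first FIXED build, so any lower build
# on that line is affected. Variant is "FIPS", "NDcPP" or None (standard build).
FIXED_BUILDS = {
    ("14.1", None): (8, 50),
    ("13.1", None): (49, 15),
    ("13.0", None): (92, 19),
    ("13.1", "FIPS"): (37, 164),
    ("12.1", "FIPS"): (55, 300),
    ("12.1", "NDcPP"): (55, 300),
}
EOL_LINES = {"12.1"}  # standard 12.1 is end-of-life and receives no fix

# Assumed banner shape of `show version`: "NetScaler NS13.1: Build 49.13.nc, ..."
VERSION_RE = re.compile(r"NS(\d+\.\d+):\s*Build\s+(\d+)\.(\d+)")


def assess(banner, variant=None):
    """Classify one `show version` banner as affected, fixed, eol or unknown."""
    m = VERSION_RE.search(banner)
    if not m:
        return "unknown"  # not a NetScaler banner we recognise
    line, build = m.group(1), (int(m.group(2)), int(m.group(3)))
    key = (line, variant)
    if key not in FIXED_BUILDS:
        # Standard 12.1 has no fixed build at all; other lines are outside
        # the article's scope and should be checked against the advisory.
        return "eol" if line in EOL_LINES and variant is None else "unknown"
    # Tuple comparison handles 37.9 < 37.164 correctly (numeric, not lexical).
    return "affected" if build < FIXED_BUILDS[key] else "fixed"


# Constructed sample banners, not output captured from a real appliance.
SAMPLE_BANNERS = [
    ("NetScaler NS13.1: Build 49.13.nc, Date: Jul 11 2023 (64-bit)", None),
    ("NetScaler NS14.1: Build 8.50.nc, Date: Oct 5 2023 (64-bit)", None),
    ("NetScaler NS12.1: Build 55.297.nc, Date: Jun 1 2023 (64-bit)", None),
    ("NetScaler NS12.1: Build 55.297.nc, Date: Jun 1 2023 (64-bit)", "FIPS"),
]

if __name__ == "__main__":
    for banner, variant in SAMPLE_BANNERS:
        print(f"{variant or 'standard':9} {assess(banner, variant):9} {banner}")
```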
Alert from DTC
The Dutch DTC of the Ministry of Economic Affairs also recently issued an alert about the Citrix vulnerabilities and, in particular, CVE-2023-4966. The government security watchdog is likewise urging users to patch as soon as possible.