"Citrix Warns NetScaler ADC Customers of New Zero-Day Exploitation"

Citrix recently informed customers that two new zero-day vulnerabilities affecting its NetScaler ADC and Gateway products have been exploited in attacks.  One of the flaws tracked as CVE-2023-6548 is a medium-severity issue that allows a low-privileged authenticated attacker to execute arbitrary code on the management interface remotely.  The second vulnerability, CVE-2023-6549, is a high-severity issue that can be exploited for denial-of-service (DoS) attacks.  Citrix warned that exploits of these CVEs on unmitigated appliances have been observed and is urging customers to install the available patches as soon as possible.  Citrix noted that exploitation of CVE-2023-6548 requires access to the appliance’s management interface, and the DoS flaw can only be exploited against devices configured as a gateway or AAA virtual server.  There does not appear to be any information on the attacks.  Based on the few available details, the vulnerabilities may be exploited in highly targeted attacks and possibly chained with other security holes.  

 

SecurityWeek reports: "Citrix Warns NetScaler ADC Customers of New Zero-Day Exploitation"

Submitted by Adam Ekwall on