"Thousands of Citrix Servers Exposed to Zero-Day Bug"
Security researchers at the Shadowserver Foundation have found that over 15,000 Citrix servers worldwide are at risk of compromise unless administrators patch urgently. The researchers noted that of the impacted servers, the most significant number were based in the US (5700), followed by Germany (1500), the UK (1000), and Australia (582). Citrix posted an advisory about the vulnerability (CVE-2023-3519) and two others on July 18. The unauthenticated remote code execution bug has a CVSS score of 9.8. Citrix noted that it impacts NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway) and emerged as a zero-day vulnerability in early July after being advertised online by a threat actor. Citrix warned that adversaries targeting CVE-2023-3519 on unmitigated appliances have been observed. Citrix strongly urges affected NetScaler ADC and NetScaler Gateway customers to install the relevant updated versions as soon as possible. The two other vulnerabilities listed in the advisory are CVE-2023-3466, a reflected cross-site scripting bug, and CVE-2023-3467, which enables privilege escalation to root administrator.
Infosecurity reports: "Thousands of Citrix Servers Exposed to Zero-Day Bug"