Citrix Discovers Two Vulnerabilities, Both Exploited in the Wild

Two vulnerabilities have been found in NetScaler ADC and NetScaler Gateway, formerly known as Citrix ADC and Citrix Gateway, and are affecting six supported versions.

Tracked as CVE-2023-6548, this vulnerability needs access to NSIP, CLIP, or SNIP with management interface access, where, if gaining these privileges, a threat actor could authenticate remote code execution on the appliance's management interface. This vulnerability is rated a medium severity CVSS score of 5.5 on a 10-point scale. The second vulnerability, CVE-2023-6549, is a denial-of-service (DoS) issue, and the device must have an AAA virtual server or be configured as a gateway; it has been given a high severity CVSS rating of 8.2. Both of these flaws have been exploited in the wild, but no details have been shared from Citrix at this point.

Citrix has recommended that to combat CVE-2023-6548, which impacts management interfaces, "network traffic to the appliance's management interface [should be] separated, either physically or logically, from normal network traffic. In addition, we recommend that you do not expose the management interface to the Internet."

Because exploitation of these appliances has occurred, Cloud Software Group recommends that affected customers install the updated versions of these interfaces for the affected appliances, including:

Just last month, Citrix patched a critical flaw, CVE-2023-4966 (coined CitrixBleed), that was heavily exploited by threat actors, but according to Tenable researchers, these two new vulnerabilities won't have as significant of an impact. Still, users should mitigate and apply patches to their networks as soon as they can.

Citrix reports that it is alerting customers and channel partners about any potential issues that may arise due to these vulnerabilities through its bulletin in its Citrix Knowledge Center on its website. Should customers need support or assistance, they can reach out to Citrix technical support.

• SEO Powered Content & PR Distribution. Get Amplified Today.
• PlatoData.Network Vertical Generative Ai. Empower Yourself. Access Here.
• PlatoAiStream. Web3 Intelligence. Knowledge Amplified. Access Here.
• PlatoESG. Carbon, CleanTech, Energy, Environment, Solar, Waste Management. Access Here.
• PlatoHealth. Biotech and Clinical Trials Intelligence. Access Here.
• Source: https://www.darkreading.com/vulnerabilities-threats/citrix-discovers-two-vulnerabilities-both-exploited-in-the-wild