Citrix Advises NetScaler ADC and Gateway Users to Install Patches



Citrix urged clients to update to the latest versions of NetScaler ADC and NetScaler Gateway due to an attack targeting a critical vulnerability. The company released patches to address the issue, known as CVE-2023-4966, on October 10. Citrix warned that exploiting the flaw could result in data disclosure. The vulnerability is most critical for customers using affected builds with NetScaler ADC configured as a gateway or as a AAA virtual server. Managed cloud and adaptive authentication customers do not need to take extra steps.

Last week, Mandiant reported that threat actors were able to bypass the patch in some cases where there had been prior exploitation. Organizations were advised to log out of all sessions, as authenticated sessions may still be active after applying the patch. The Cybersecurity and Infrastructure Security Agency added NetScaler ADC and NetScaler Gateway to its list of known exploited vulnerabilities. In July, hackers had launched attacks against these systems, and Mandiant was investigating successful attacks on patched systems.

In summary, Citrix is urging its clients to update to the latest versions of NetScaler ADC and NetScaler Gateway to protect against a critical vulnerability that could lead to data disclosure. Mandiant warned that threat actors could bypass the patch in some cases, and organizations should log out of all sessions to prevent further exploitation. The Cybersecurity and Infrastructure Security Agency has added these vulnerabilities to its list of known exploited flaws, following previous attacks on Citrix systems in July.

Article Source
https://www.cybersecuritydive.com/news/citrix-netscaler-adc-gateway-patch/697615/