Citrix has issued a warning to customers using NetScaler ADC and NetScaler Gateway appliances about two zero-day vulnerabilities that are being actively exploited in the wild. The flaws, tracked as CVE-2023-6548 and CVE-2023-6549, allow attackers to achieve remote code execution and denial of service on affected devices.
The NetScaler ADC and NetScaler Gateway appliances are network solution devices designed to enhance the performance, security, and availability of applications and services in enterprise networks. Citrix has stated that the vulnerabilities only affect customer-managed devices, not those using Citrix-managed cloud services or adaptive authentication.
To mitigate the risk, Citrix recommends separating network traffic to the device management interface from production traffic and not exposing the management interface to the internet. The company also notes that exploiting either vulnerability requires prior access to specific IP addresses on the appliance. CVE-2023-6548 carries a medium CVSS score of 5.5 and CVE-2023-6549 a high CVSS score of 8.2.
Affected devices are those running outdated builds of the NetScaler ADC and NetScaler Gateway 13.0, 13.1, and 14.1 release trains. FIPS-compliant releases, NetScaler ADC FIPS 12.1 and 13.1, are also vulnerable. Citrix has advised customers to upgrade promptly to the latest supported builds.
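The two actionable points above, keeping the management interface off the internet and on its own network, and checking whether an appliance sits on one of the affected release trains, can be turned into a simple inventory audit. The script below is an added example, not Citrix's tooling or part of the original article. It assumes a hypothetical dedicated management network (10.20.0.0/24) and a constructed inventory of appliances; the documentation ranges 203.0.113.0/24 and 198.51.100.0/24 stand in for publicly routable space, so "public" here means "not in RFC 1918 private space". The release-train check only tells you that an appliance is on a train named in the advisory; the exact fixed build must still be compared against Citrix's advisory.

```python
"""Audit a NetScaler inventory for management-interface exposure and affected release trains.

Added example (not Citrix's code). The inventory, admin network and the
finding codes are constructed for illustration.
"""
import ipaddress
from dataclasses import dataclass

# RFC 1918 private space. Anything outside it is treated as publicly routable.
PRIVATE_NETS = [
    ipaddress.ip_network("10.0.0.0/8"),
    ipaddress.ip_network("172.16.0.0/12"),
    ipaddress.ip_network("192.168.0.0/16"),
]

# Assumed dedicated management network; management addresses should live here.
ADMIN_NETS = [ipaddress.ip_network("10.20.0.0/24")]

# Release trains named in the advisory summary (12.1 applies to the FIPS build).
AFFECTED_TRAINS = {"12.1", "13.0", "13.1", "14.1"}


@dataclass
class Appliance:
    name: str
    nsip: str          # management address (NetScaler IP)
    vips: list         # production virtual IPs that clients reach
    train: str         # release train reported by the appliance, e.g. "13.1"


# Constructed sample inventory; none of these hosts are real.
INVENTORY = [
    Appliance("ns-dc1-01", "10.20.0.10", ["198.51.100.10"], "13.1"),
    Appliance("ns-dc1-02", "203.0.113.5", ["203.0.113.20"], "14.1"),
    Appliance("ns-lab-01", "192.168.50.3", ["192.168.50.3"], "13.0"),
    Appliance("ns-fips-01", "10.20.0.11", ["198.51.100.11"], "12.1"),
]


def in_any(ip: ipaddress.IPv4Address, nets) -> bool:
    """True if ip falls inside any of the given networks."""
    return any(ip in net for net in nets)


def audit_appliance(app: Appliance, admin_nets=ADMIN_NETS) -> list:
    """Return a list of finding codes for one appliance (empty list means clean)."""
    findings = []
    nsip = ipaddress.ip_address(app.nsip)

    # Management address outside private space: reachable from the internet.
    if not in_any(nsip, PRIVATE_NETS):
        findings.append("PUBLIC_NSIP")

    # Management address not on the dedicated admin network.
    if not in_any(nsip, admin_nets):
        findings.append("NSIP_OUTSIDE_ADMIN_NET")

    # Management and production traffic share the same address.
    if app.nsip in set(app.vips):
        findings.append("NSIP_SHARED_WITH_VIP")

    # Appliance is on a train named in the advisory; verify the build is fixed.
    if app.train in AFFECTED_TRAINS:
        findings.append("ON_AFFECTED_TRAIN")

    return findings


def audit(inventory, admin_nets=ADMIN_NETS) -> dict:
    """Audit every appliance and map its name to its finding codes."""
    return {app.name: audit_appliance(app, admin_nets) for app in inventory}


if __name__ == "__main__":
    for name, findings in audit(INVENTORY).items():
        status = ", ".join(findings) if findings else "clean"
        print(f"{name}: {status}")
```

Running it prints one line per appliance. The two appliances on the 10.20.0.0/24 admin network only trigger the release-train check, while ns-dc1-02 is flagged for a management address outside private space and the lab box for sharing its management address with a production VIP. Feeding the script a real inventory export and the organization's actual admin network is the only change needed to use it for a quick exposure review.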
Affected NetScaler ADC and NetScaler Gateway customers should install the updated builds as soon as possible, since both vulnerabilities are already being exploited. The discovery of several high-severity flaws in these appliances underlines the importance of keeping edge devices patched to safeguard enterprise networks and applications.
Article Source
https://www.csoonline.com/article/1291514/citrix-netscaler-devices-face-active-zero-day-exploitations.html/amp/