Citrix has issued a warning to its customers using NetScaler ADC and NetScaler Gateway appliances regarding two zero-day vulnerabilities that are actively being exploited in the wild. These vulnerabilities, known as CVE-2023-6548 and CVE-2023-6549, can allow attackers to carry out remote code execution and denial of service attacks on affected devices. The NetScaler ADC and … Read more
Citrix has issued a warning to its NetScaler ADC customers regarding a new zero-day exploit that could potentially pose a significant security risk. The company has urged all users of the application delivery controller to take immediate action to protect their systems. The zero-day exploit was discovered by security researchers who found a vulnerability in … Read more
Duo Security integrates with your on-premises NetScaler to provide two-factor authentication for remote access logins. Duo supports self-service enrollment and Duo Prompt through a web browser for Citrix Gateway login. Additionally, for Citrix Receiver or Workspace connections, Duo supports passcodes, phone, and push authentication. The configuration allows Duo to act as a secondary RADIUS authentication … Read more
Citrix’s NetScaler ADC and NetScaler Gateway products have been targeted once again by two new zero-day vulnerabilities. The vulnerabilities, known as CVE-2023-6549 and CVE-2023-6548, were recently disclosed and patched. CVE-2023-6549 is considered a high severity denial of service flaw, while CVE-2023-6548 allows for remote code execution in management interfaces by authenticated attackers. Exploits for these … Read more
Duo Security offers two-factor authentication for Citrix Gateway through integration with on-premises NetScaler. This includes support for interactive enrollment, passcodes, phone, and push authentication methods. Integration requires setting up two RADIUS policies for primary authentication, one each for browser-based Gateway logins and Receiver or Workspace client connections. The Duo Authentication Proxy handles both primary and … Read more
Citrix quietly fixed a vulnerability in its NetScaler Application Delivery Control (ADC) and Gateway appliances that allowed remote, unauthenticated attackers to potentially access sensitive information stored in the memory of the affected systems. The flaw was similar to the “CitrixBleed” zero-day vulnerability disclosed by Citrix last year, but not as severe, according to researchers at … Read more
A security vulnerability has been identified in Citrix NetScaler ADC and Gateway appliances, allowing remote attackers to access sensitive data without authentication. This flaw, known as an out-of-bounds memory read issue, affects software versions up to 13.1-50.23 and has been compared to the previously known CitrixBleed vulnerability, though it is considered less serious in terms … Read more