Active exploitation of Citrix Netscaler ADC, Gateway bug underway

Citrix has disclosed that vulnerable NetScaler Application Delivery Controller and Gateway instances have been targeted in ongoing attacks leveraging the critical remote code execution flaw, tracked as CVE-2023-3519, The Hacker News reports. Threat actors could successfully exploit the vulnerability, which impacts various NetScaler ADC and NetScaler Gateway appliances, provided that the targeted devices are configured to either be a Gateway or authorization and accounting virtual server, according to Citrix, which has already released updates to address the vulnerability along with an improper input validation bug, tracked as CVE-2023-3466, and the improper privilege management flaw, tracked as CVE-2023-3467. However, organizations leveraging NetScaler ADC and NetScaler Gateway version 12.1, which have reached end-of-life, were urged to upgrade to newer versions of the appliance software. Such attacks have prompted the inclusion of CVE-2023-3519 in the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities catalog, with federal agencies ordered to remediate the flaw by Aug. 9.