Citrix currently warns about critical security vulnerabilities. NetScaler ADC and NetScaler Gateway are affected. The following security vulnerabilities are involved:
- CVE-2023-3466 Reflected Cross-Site Scripting (XSS), Requires the victim to access an attacker-controlled link in the browser while being on a network with connectivity to the NSIP.
- CVE-2023-3467 Privilege Escalation to root administrator (nsroot), Authenticated access to NSIP or SNIP with management interface access.
- CVE-2023-3519 Unauthenticated remote code execution, Appliance must be configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server. For more information, please visit: Citrix ADC and Citrix Gateway Security Bulletin for CVE-2023-3519, CVE-2023-3466, CVE-2023-3467.
Origin article from Citrix: https://support.citrix.com/article/CTX561482
Especially the last CVE in the list appears as high critical with a rating 9,8 of 10!
Based on current knowledge, the following versions are affected:
- NetScaler ADC and NetScaler Gateway 13.1 before 13.1-49.13
- NetScaler ADC and NetScaler Gateway 13.0 before 13.0-91.13
- NetScaler ADC 13.1-FIPS before 13.1-37.159
- NetScaler ADC 12.1-FIPS before 12.1-65.36
- NetScaler ADC 12.1-NDcPP before 12.65.36
IMPORTANT: Netscaler Version 12.1 won`t get any updates!
I strongly recommend installing the updated versions of NetScaler ADC and NetScaler Gateway as soon as possible.
In the meantime there are also several Exploits in the wild as well as some IOC scanner:
- Citrix has released a IOC scan script, available from the Support team
- SecureKomodo has created a scanner and this is downloadable via https://github.com/securekomodo/citrixInspector
Marco Klose works as a Technical Consultant, Architect and CTO focused on Application & Desktop virtualization as well as application delivery with the Citrix product portfolio. He is specialized in Citrix virtualization, Citrix networking and Microsoft products. He has +10 years experience and holds the latest Citrix certifications and is member of the Citrix Partner Expert Council EMEA (PTEC). Since 2021 he is also a Citrix Technology Advocate (CTA).