Published on: 19 July 2023
Citrix released a security advisory to address multiple vulnerabilities in Citrix NetScaler ADC and Citrix NetScaler Gateway. An attacker could exploit these vulnerabilities by sending specially crafted requests to an affected system.
Reports indicate that the remote code execution vulnerability (CVE-2023-3519) is being exploited in the wild. System administrators are advised to take immediate actions to patch your affected systems to mitigate the elevated risk of cyber attacks.
Please note that Citrix NetScaler ADC and Citrix NetScaler Gateway version 12.1 has reached End-Of-Life (EOL). As version 12.1 is vulnerable with no security updates provided, system administrators should arrange to upgrade the NetScaler ADC and NetScaler Gateway to supported versions or migrate to other supported technology.
Depending on the vulnerability being exploited, a successful exploitation could lead to remote code execution, privilege escalation or spoofing on an affected system.
Software updates for affected systems are now available. Administrators of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.