ACSC issues critical alert on Citrix network firmware vulnerability

The Australian Cyber Security Centre (ACSC) has issued a critical alert over a vulnerability in Citrix NetScaler appliance firmware that is widely deployed on Australian networks.

The ACSC said the vulnerability, tracked as CVE-2023-3519, affects Citrix NetScaler ADC and NetScaler Gateway.

“The ACSC has assessed that there is significant exposure to this vulnerability of Citrix NetScaler ADC and NetScaler Gateway in Australia and that any future exploitation would have a significant impact on Australian systems and networks.”

Citrix, the vendor of the NetScaler product family, has said that exploitation of the vulnerability has already been observed in the wild.

CVE-2023-3519 is the most serious of three vulnerabilities Citrix disclosed in the same advisory, according to an analysis of the advisory by Rapid7.

A statement on the Rapid7 blog said that CVE-2023-3519 allows “unauthenticated remote code execution; NOTE that the device must be configured as a gateway (VPN virtual server, ICA proxy, CVPN, RDP proxy) or AAA virtual server.”

Rapid7 added: “This product line is a popular target for attackers of all levels and we expect exploitation to increase rapidly.”

The ACSC has said that NetScaler ADC and NetScaler Gateway customers are strongly recommended to upgrade both products to the latest fixed builds as soon as possible, and that organisations should remain alert for further Citrix patches.
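The two actionable points above are the exposure precondition (a gateway or AAA virtual server must be configured for the unauthenticated RCE to apply) and the patch status of the appliance. The following triage helper is an added example, not code from the ACSC, Citrix or Rapid7: it parses text in the shape of the NetScaler CLI output for `show ns version`, `show vpn vserver` and `show authentication vserver` (the output format is assumed from the usual CLI layout, and the sample output below is constructed) and reports whether the box is both unpatched and configured in a gateway/AAA role. The fixed-build thresholds in `FIXED_BUILDS` are my recollection of the Citrix advisory for these CVEs and are an assumption to be checked against the current advisory before use; FIPS and NDcPP branches have separate fixed builds and are not modelled.

```python
import re

# ASSUMPTION: minimum fixed builds per mainline release as listed in the Citrix
# advisory for CVE-2023-3519/3466/3467 (recollected, not taken from this page).
# Verify against the current vendor advisory before relying on these values.
FIXED_BUILDS = {
    "13.1": (49, 13),
    "13.0": (91, 13),
}

# "show ns version" prints a line like:  NetScaler NS13.1: Build 48.47.nc, Date: ...
_VERSION_RE = re.compile(r"NetScaler NS(\d+\.\d+): Build (\d+)\.(\d+)")
# "show vpn vserver" / "show authentication vserver" list entries as "1)  name (ip:port) ..."
_VSERVER_ENTRY_RE = re.compile(r"^\s*\d+\)\s+\S+", re.MULTILINE)


def parse_version(show_ns_version_output):
    """Return (release, (build_major, build_minor)) from 'show ns version' text."""
    m = _VERSION_RE.search(show_ns_version_output)
    if not m:
        raise ValueError("no 'NetScaler NSx.y: Build a.b' line found in output")
    return m.group(1), (int(m.group(2)), int(m.group(3)))


def is_patched(release, build, fixed=FIXED_BUILDS):
    """True/False when the release line is in the table; None when it is unknown
    (e.g. FIPS/NDcPP or end-of-life branches), which still needs a manual check."""
    if release not in fixed:
        return None
    return build >= fixed[release]  # tuple comparison: (49, 15) >= (49, 13)


def count_vservers(show_vserver_output):
    """Count configured virtual servers (numbered entries) in CLI listing output."""
    return len(_VSERVER_ENTRY_RE.findall(show_vserver_output))


def assess(version_out, vpn_vserver_out, aaa_vserver_out):
    """Combine build status with the gateway/AAA precondition for CVE-2023-3519."""
    release, build = parse_version(version_out)
    patched = is_patched(release, build)
    gateway_roles = count_vservers(vpn_vserver_out) + count_vservers(aaa_vserver_out)
    return {
        "release": release,
        "build": build,
        "patched": patched,
        "gateway_or_aaa_configured": gateway_roles > 0,
        # Unauthenticated RCE needs an unpatched build AND a gateway/AAA vserver.
        "exposed_to_cve_2023_3519": patched is False and gateway_roles > 0,
        # CVE-2023-3466/3467 need no gateway role, so any non-fixed build still
        # needs patching (None means "unknown branch, check the advisory").
        "needs_patch": patched is not True,
    }


# Constructed sample CLI output (not captured from a real appliance).
SAMPLE_VERSION = (
    "\tNetScaler NS13.1: Build 48.47.nc, Date: Apr 11 2023, 05:16:45   (64-bit)\n"
    " Done\n"
)
SAMPLE_VPN_VSERVERS = (
    "1)\tvpn_gw (203.0.113.10:443) - SSL\tType: CONTENT\n"
    "\tState: UP\n"
    " Done\n"
)
SAMPLE_AAA_VSERVERS = " Done\n"  # no AAA virtual servers configured

if __name__ == "__main__":
    for key, value in assess(SAMPLE_VERSION, SAMPLE_VPN_VSERVERS, SAMPLE_AAA_VSERVERS).items():
        print(f"{key}: {value}")
```

In practice you would paste the three command outputs from the NetScaler CLI (or collect them over SSH) into the three arguments of `assess`. Because `exposed_to_cve_2023_3519` requires both an unpatched build and a configured gateway/AAA role, a box with no such role is reported as not exposed to the RCE but still flagged by `needs_patch` for the two lower-severity issues.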

The other two vulnerabilities fixed in Citrix NetScaler ADC and NetScaler Gateway are CVE-2023-3466 and CVE-2023-3467, both of which are considered much lower risk than CVE-2023-3519.

According to Rapid7, CVE-2023-3466 is a reflected cross-site scripting (XSS) vulnerability.

CVE-2023-3467 “allows escalation of privileges to the root administrator (nsroot).”

The full critical alert can be found on the ACSC website.
