Nynox advisory - Threat alert -
Citrix Netscaler ADC / Gateway

– Date: 16 January 2024 –

Threat Alert – Citrix Netscaler ADC / Gateway Multiple Vulnerabilities – Your environment might be vulnerable to multiple Citrix Netscaler ADC and Gateway vulnerabilities (CVE-2023-6548 , CVE-2023-6549). Read more below for details on the recent critical vulnerabilities.

On the 16th of January, Citrix has put out communication regarding two products who are vulnerable towards a critical zero-day vulnerability, A Denial of Service and Remote Code Execution.

What’s going on?

❗️Several critical risk vulnerabilities have been published by Citrix in Netscaler ADC and Gateway.

❗️For a Citrix Netscaler ADC and Gateway to be vulnerable, it must be configured as a Gateway (e.g. VPN, ICA Proxy, CVP, RDP Proxy) or an AAA virtual server.

❗️Attackers must be logged in to low-privilege accounts on the targeted instance and need access to NSIP, CLIP, or SNIP with management interface access.

❗️The affected versions for both products are:

14.1 before 14.1-12.35
13.1 before 13.1-51.15
13.0 before 13.0-92.21
13.1-FIPS before 13.1-37.176
12.1-FIPS before 12.1-55.302
12.1-NDcPP before 12.1-55.302

WHY IS THIS VULNERABILITY SERIOUS?

❗️A threat actor could remotely execute commands to be in control over vulnerable devices.

❗️There are currently no known IOC’s for these vulnerabilities.

❗️Citrix is aware of these vulnerabilities being used in the wild.

❗️No workarounds are available.

How does Nynox protect its customers?

🛡️ Personalized assistance to mitigate the risk

🛡️ 24×7 Incident Response (CSIRT)

🛡️ 24×7 monitoring of customer environments

WHAT CAN YOU DO TO MITIGATE THE RISK?

✅ No action is required if you are using Citrix-managed cloud services or Citrix-managed Adaptive Authentication.

✅ Since there are no workarounds, simply install the latest build of ADC and Gateway which you can find via the links below:
ADC: https://www.citrix.com/downloads/citrix-adc/
Gateway: https://www.citrix.com/downloads/citrix-gateway/

How to install the latest build of ADC and Gateway?

In need of assistent? We're here for you!

Our Latest insights

Nynox - Looking for a SOC provider - Featured Image - 169

Tips & tricks – Looking for a SOC provider?

Nynox - LinkedIn Images - 169 (4)

Nynox Advisory – Threat Alert – Microsoft Windows Desktop and server

Nynox - LinkedIn Images - 169 (3)

Nynox Advisory – Threat Alert – PHP CGI

Nynox LinkedIn 16-9

Rewatch – Expert talk – The Power of managed cybersecurity