Citrix Discovers 2 Vulnerabilities, Both Exploited in the Wild

These vulnerabilities are the second and third for Citrix but are not expected to be as detrimental as CitrixBleed.

Two vulnerabilities have been found in NetScaler ADC and NetScaler Gateway, formerly known as Citrix ADC and Citrix Gateway, and are affecting six supported versions.
Tracked as CVE-2023-6548, this vulnerability needs access to NSIP, CLIP, or SNIP with management interface access, where, if gaining these privileges, a threat actor could authenticate remote code execution on the appliances management interface. This vulnerability is rated a medium severity CVSS score of 5.5 on a 10-point scale. The second vulnerability, CVE-2023-6549, is a denial-of-service (DoS) issue, and the device must have an AAA virtual server or be configured as a gateway; it has been given a high severity CVSS rating of 8.2. Both of these flaws have been exploited in the wild, but no details have been shared from Citrix at this point.
Citrix has recommended that to combat CVE-2023-6548, which impacts management interfaces, network traffic to the appliances management interface [should be] separated, either physically or logically, from normal network traffic. In addition, we recommend that you do not expose the management interface to the Internet.
Because exploitation of these appliances has occurred, Cloud Software Group recommends that affected customers install the updated versions of these interfaces for the affected appliances, including:
NetScaler ADC and NetScaler Gateway 14.1-12.35 and later releases
NetScaler ADC and NetScaler Gateway  13.1-51.15 and later releases of 13.1
NetScaler ADC and NetScaler Gateway 13.0-92.21 and later releases of 13.0 
NetScaler ADC 13.1-FIPS 13.1-37.176 and later releases of 13.1-FIPS 
NetScaler ADC 12.1-FIPS 12.1-55.302 and later releases of 12.1-FIPS 
NetScaler ADC 12.1-NDcPP 12.1-55.302 and later releases of 12.1-NDcPP
Just last month,
Citrix patched a critical flaw
,
CVE-2023-4966
(coined
CitrixBleed)
, that was heavily exploited by threat actors, but
according to Tenable researchers
, these two new vulnerabilities wont have as significant of an impact. Still, users should
mitigate and apply patches
to their networks as soon as they can.
Citrix reports that it is alerting customers and channel partners about any potential issues that may arise due to these vulnerabilities through its bulletin in its Citrix Knowledge Center on its website. Should customers need support or assistance, they can reach out to
Citrix technical support
.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Citrix Discovers 2 Vulnerabilities, Both Exploited in the Wild