2,000 Citrix NetScaler Instances Backdoored via Recent Vulnerability

From securityweek.com

Tracked as CVE-2023-3519, the critical vulnerability was disclosed last month as a zero-day, being exploited since June 2023, including in attacks against critical infrastructure organizations.

The issue allows unauthenticated, remote attackers to execute arbitrary code on vulnerable Citrix Application Delivery Controller (ADC) and Gateway appliances that are configured as a gateway or AAA virtual server.

Roughly a week after Citrix released patches for the bug, cybersecurity firm Bishop Fox warned that it had identified more than 20,000 Citrix appliances vulnerable to a new exploit.

Read more…