Citrix is alerting users of a critical security flaw in NetScaler Application Delivery Controller (ADC) and Gateway that it said is being actively exploited in the wild.
Tracked as CVE-2023-3519 (CVSS score: 9.8), the issue relates to a case of code injection that could result in unauthenticated remote code execution. It impacts the following versions –
- NetScaler ADC and NetScaler Gateway 13.1 before 13.1-49.13
- NetScaler ADC and NetScaler Gateway 13. before 13.-91.13
- NetScaler ADC and NetScaler Gateway version 12.1 (currently end-of-life)
- NetScaler ADC 13.1-FIPS prior to 13.1-37.159
- NetScaler ADC 12.1-FIPS before 12.1-55.297, and
- NetScaler ADC 12.1-NDcPP prior to 12.1-55.297
The company did not give further specifics on the flaw tied to CVE-2023-3519 other than to say that exploits for the flaw have been observed on “unmitigated appliances.” However, successful exploitation requires the appliance to be configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or authorization and accounting (AAA) virtual server.
Also resolved alongside CVE-2023-3519 are two other bugs –
- CVE-2023-3466 (CVSS score: 8.3) – An improper input validation vulnerability resulting in a reflected cross-site scripting (XSS) attack
- CVE-2023-3467 (CVSS score: 8.) – An improper privilege management vulnerability resulting in privilege escalation to the root administrator (nsroot)
Wouter Rijkbost and Jorren Geurts of Resillion have been credited with reporting the bugs. Patches have been made available to address the three flaws in the below versions –
- NetScaler ADC and NetScaler Gateway 13.1-49.13 and later releases
- NetScaler ADC and NetScaler Gateway 13.-91.13 and later releases of 13.
- NetScaler ADC 13.1-FIPS 13.1-37.159 and later releases of 13.1-FIPS
- NetScaler ADC 12.1-FIPS 12.1-55.297 and later releases of 12.1-FIPS, and
- NetScaler ADC 12.1-NDcPP 12.1-55.297 and later releases of 12.1-NDcPP
Customers of NetScaler ADC and NetScaler Gateway version 12.1 are encouraged to upgrade their appliances to a supported version to mitigate potential threats.
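To turn the version lists above into a patch-status check, the following added example (not from Citrix or the original article) classifies builds written in the article's `release-build` notation and puts Gateway/AAA-configured appliances first. It covers the 13.1, 12.1, FIPS and NDcPP rows above; any other release line returns `unknown` for manual review. The function names, inventory layout and hostnames are assumptions made for the example.

```python
import re

# Fixed builds per (release, edition), copied from the lists above.
# Edition "" means the standard ADC / Gateway firmware.
FIXED = {
    ("13.1", ""): (49, 13),
    ("13.1", "FIPS"): (37, 159),
    ("12.1", "FIPS"): (55, 297),
    ("12.1", "NDcPP"): (55, 297),
}
END_OF_LIFE = {("12.1", "")}  # no fixed build; upgrade to a supported release
VERSION_RE = re.compile(r"^(\d+\.\d+)-(\d+)\.(\d+)$")

def assess(version, edition=""):
    """Classify one build as 'affected', 'fixed', 'end-of-life' or 'unknown'."""
    m = VERSION_RE.match(version.strip())
    if not m:
        return "unknown"
    key = (m.group(1), edition)
    if key in END_OF_LIFE:
        return "end-of-life"
    if key not in FIXED:
        return "unknown"  # release line not in the table: check it by hand
    # Compare build parts as integers: 49.9 is older than 49.13.
    build = (int(m.group(2)), int(m.group(3)))
    return "fixed" if build >= FIXED[key] else "affected"

def triage(inventory):
    """Return hosts needing action, Gateway/AAA-configured appliances first."""
    todo = []
    for host, version, edition, gateway_or_aaa in inventory:
        status = assess(version, edition)
        if status != "fixed":
            todo.append((host, status, gateway_or_aaa))
    # sorted() is stable, so inventory order is kept within each group.
    return sorted(todo, key=lambda row: not row[2])

# Constructed inventory: hostnames and builds are made up for the example.
INVENTORY = [
    ("adc-lab", "13.1-49.9", "", False),
    ("gw-edge-1", "13.1-48.47", "", True),
    ("gw-edge-2", "13.1-49.13", "", True),
    ("adc-fips", "13.1-37.150", "FIPS", True),
    ("adc-old", "12.1-65.25", "", False),
]

if __name__ == "__main__":
    for host, status, exposed in triage(INVENTORY):
        print(f"{host:10} {status:12} gateway/AAA={exposed}")
```

Comparing the build as a tuple of integers matters here: a string or float comparison would rank 13.1-49.9 above the fixed 13.1-49.13 and report an affected appliance as patched.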
The development comes amid active exploitation of security flaws discovered in Adobe ColdFusion (CVE-2023-29298 and CVE-2023-38203) and the WooCommerce Payments WordPress plugin (CVE-2023-28121).
Leaving security flaws in WordPress plugins could open the door to complete compromise, enabling threat actors to repurpose the compromised WordPress sites for other malicious activities.
Last month, eSentire disclosed an attack campaign dubbed Nitrogen in which infected WordPress sites were used to host malicious ISO image files that, when launched, culminate in the deployment of rogue DLL files capable of contacting a remote server to fetch additional payloads, including Python scripts and Cobalt Strike.
Some parts of this article are sourced from:
thehackernews.com