Citrix urged customers on Tuesday to immediately patch Netscaler ADC and Gateway appliances exposed online against two actively exploited zero-day vulnerabilities. The two zero-days (tracked as ...

Much similar to Citrix-Bleed, the information disclosure bug was identified within NetScaler devices configured as gateway or virtual servers. A critical vulnerability has been affecting a line of ...

Citrix today is alerting customers of a critical-severity vulnerability (CVE-2023-3519) in NetScaler ADC and NetScaler Gateway that already has exploits in the wild, and “strongly urges” to ...

Mandiant provided security guidance that goes well beyond the advice Citrix provided. Specifically: • Isolate NetScaler ADC and Gateway appliances for testing and preparation of patch deployment.

Citrix has released updates to close security vulnerabilities. Citrix Netscaler ADC, Netscaler Gateway and Session Recording are vulnerable to attacks. The US IT security authority CISA assumes ...

On October 10, network equipment maker Citrix disclosed the vulnerability affecting on-premise versions of its NetScaler ADC and NetScaler Gateway platforms, which large enterprises and ...

Time may be running short for users of Citrix’s NetScaler Application Delivery Controller (ADC) and NetScaler Gateway products who have not yet patched against two recently disclosed ...

The vulnerability, tracked as CVE-2023-4966 and residing in Citrix’s NetScaler Application Delivery Controller and NetScaler Gateway, has been under active exploitation since August. Citrix ...

the malicious campaign exploits zero-day vulnerability CVE-2023-3519 to compromise NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway servers. The unauthenticated remote code execution ...

which affects Citrix NetScaler web application delivery control and NetScaler Gateway appliances and, according to CISA, has been exploited by nation state actors as well as LockBit.

In mid-November, Citrix also closed security gaps in Netscaler ADC and Gateway. The vulnerabilities allowed attackers to at least paralyze vulnerable services, but possibly also to infiltrate and ...