
ACSC issues critical alert on Citrix network firmware vulnerability

The Australian Cyber Security Centre (ACSC) has issued a critical alert after a vulnerability was disclosed in NetScaler networking appliances that are widely deployed on Australian networks.

Daniel Croft
Wed, 19 Jul 2023

The ACSC said that vulnerability CVE-2023-3519 had been found affecting the Citrix NetScaler ADC and NetScaler Gateway.

“The ACSC has assessed that there is significant exposure to this Citrix NetScaler ADC and NetScaler Gateway vulnerability in Australia and that any future exploitation would have significant impact to Australian systems and networks.”

Citrix, the vendor of the NetScaler product line, has said that exploitation of the vulnerability has been observed in the wild.


CVE-2023-3519 is the most severe of three vulnerabilities Citrix disclosed in the same advisory, as summarised by Rapid7.

A statement on the Rapid7 blog said that CVE-2023-3519 allows for “unauthenticated remote code execution – NOTE that the appliance must be configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server”.

Rapid7 added: “This product line is a popular target for attackers of all skill levels, and we expect that exploitation will increase quickly.”

The ACSC strongly recommends that customers of NetScaler ADC and NetScaler Gateway upgrade to the patched builds without delay, and that organisations remain alert for further Citrix advisories and patches.

The other two vulnerabilities disclosed for Citrix NetScaler ADC and NetScaler Gateway are CVE-2023-3466 and CVE-2023-3467, both of which are considered much lower risk than CVE-2023-3519.

According to Rapid7, CVE-2023-3466 is a reflected XSS vulnerability, which requires the “victim to access an attacker-controlled link in the browser while being on a network with connectivity to the NetScaler IP (NSIP)” for successful exploitation.

CVE-2023-3467, Rapid7 notes, “allows for privilege escalation to root administrator (nsroot)”.
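The two conditions a defender needs to triage an estate against this advisory are stated above: the appliance is exploitable for CVE-2023-3519 only when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or an AAA virtual server, and the remedy is to move every appliance to a patched build. The following inventory triage script is an added example written for this page; it is not code from the article, the ACSC or Citrix. It assumes the first line of `show ns version` looks like `NetScaler NS13.1: Build 49.13.nc`, that the FIPS/NDcPP variant is recorded separately by the operator, and that the minimum patched builds in `FIXED_BUILDS` (taken from Citrix's July 2023 bulletin, not from this article) are checked against the current bulletin before use. The inventory entries are constructed sample data.

```python
"""Triage a NetScaler inventory against the CVE-2023-3519 exposure conditions.

Added example, not the article's or Citrix's own code. Minimum patched builds
come from Citrix's July 2023 bulletin for CVE-2023-3519/3466/3467 and must be
verified against the current bulletin before relying on this output.
"""
import re
from dataclasses import dataclass, field
from typing import Dict, Optional, Set, Tuple

# Minimum patched build per release train (assumption: verify against Citrix).
# 12.1 without FIPS/NDcPP is end of life and deliberately absent, so it is
# reported as "unknown" and should be treated as unsafe.
FIXED_BUILDS: Dict[str, Tuple[int, int]] = {
    "13.1": (49, 13),
    "13.0": (91, 13),
    "13.1-FIPS": (37, 159),
    "12.1-FIPS": (55, 297),
    "12.1-NDcPP": (55, 297),
}

# Roles that make the appliance a "Gateway" in the sense of the advisory; a
# configured AAA virtual server is the other exposing condition.
GATEWAY_FEATURES: Set[str] = {"vpn_vserver", "ica_proxy", "cvpn", "rdp_proxy"}

# Assumed banner format of `show ns version`, e.g. "NetScaler NS13.1: Build 49.13.nc".
VERSION_RE = re.compile(
    r"NS(?P<release>\d+\.\d+):\s*Build\s+(?P<major>\d+)\.(?P<minor>\d+)"
)


@dataclass
class Appliance:
    name: str
    version_banner: str            # raw first line of `show ns version`
    variant: str = ""              # "", "FIPS" or "NDcPP" (recorded by the operator)
    features: Set[str] = field(default_factory=set)
    aaa_vserver: bool = False      # an authentication (AAA) vserver is configured


def parse_version(banner: str) -> Optional[Tuple[str, Tuple[int, int]]]:
    """Return (release, (build_major, build_minor)), or None if the banner is unrecognised."""
    m = VERSION_RE.search(banner)
    if not m:
        return None
    return m.group("release"), (int(m.group("major")), int(m.group("minor")))


def is_exposed(a: Appliance) -> bool:
    """True when the box is in the exploitable configuration: Gateway role or AAA vserver."""
    return bool(a.features & GATEWAY_FEATURES) or a.aaa_vserver


def assess(a: Appliance) -> Tuple[str, str]:
    """Classify one appliance as patched / exposed / patch-only / unknown with a reason."""
    parsed = parse_version(a.version_banner)
    if parsed is None:
        return "unknown", "version banner not recognised; treat as vulnerable"
    release, build = parsed
    train = f"{release}-{a.variant}" if a.variant else release
    fixed = FIXED_BUILDS.get(train)
    if fixed is None:
        return "unknown", f"no fixed build known for train {train}; treat as vulnerable"
    if build >= fixed:  # tuple comparison: (major, minor) against the fixed build
        return "patched", f"build {build[0]}.{build[1]} >= {fixed[0]}.{fixed[1]}"
    if is_exposed(a):
        return "exposed", "vulnerable build and Gateway/AAA configured: CVE-2023-3519 reachable"
    return "patch-only", "vulnerable build but not in exposing configuration; CVE-2023-3466/3467 still apply"


# Constructed sample inventory (not real hosts).
INVENTORY = [
    Appliance("gw-syd-01", "NetScaler NS13.1: Build 48.47.nc", features={"vpn_vserver"}),
    Appliance("adc-mel-02", "NetScaler NS13.0: Build 91.13.nc", features={"lb"}),
    Appliance("adc-bne-03", "NetScaler NS13.1: Build 37.150.nc", variant="FIPS", aaa_vserver=True),
    Appliance("adc-per-04", "NetScaler NS12.1: Build 65.25.nc"),
    Appliance("adc-old-05", "NetScaler NS13.0: Build 88.14.nc", features={"lb"}),
]


def triage(inventory=INVENTORY) -> Dict[str, Tuple[str, str]]:
    """Assess every appliance; exposed boxes are the ones to isolate or patch first."""
    return {a.name: assess(a) for a in inventory}


if __name__ == "__main__":
    for name, (status, reason) in sorted(triage().items(), key=lambda kv: kv[1][0] != "exposed"):
        print(f"{name:12} {status:10} {reason}")
```

The script only orders the work: an "exposed" result means the appliance is both on a vulnerable build and reachable by the unauthenticated path described above, while "patch-only" boxes still need the upgrade because the XSS and nsroot escalation issues do not depend on the Gateway or AAA role.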

The full critical alert can be found on the ACSC website.

