Citrix announced new patches on Tuesday for three vulnerabilities. One of the vulnerabilities, tracked as CVE-2023-3519, is actively exploited and allows remote code execution.
The zero-day specifically affects Citrix ADC and Gateway products that are configured as gateway or AAA virtual servers. Cybersecurity firm Rapid7 warned organizations that exploitation of the bug will likely increase rapidly due to the products’ popularity. Citrix noted that vulnerabilities in its products are known to be exploited by profit-seeking cybercriminals and state-sponsored threat actors. The other two bugs addressed in the patches are CVE-2023-3466 and CVE-2023-3467. The first is a cross-site scripting issue that could be exploited if targeted users clicked on malicious links, and the second allowed authenticated attackers to escalate privileges to root administrator. CISA also released an alert with details about the Citrix vulnerabilities.
Read More: