Lyrie
Active Exploitation
ACTIVELY EXPLOITED3 sources verified·1 min read
By Lyrie Threat Intelligence·10/18/2023

CVE-2023-4966 added to CISA KEV: Citrix NetScaler ADC and NetScaler Gateway

Status: ✅ Confirmed exploited in the wild

Date added: 2023-10-18

Required action: Apply mitigations and kill all active and persistent sessions per vendor instructions [https://www.netscaler.com/blog/news/cve-2023-4966-critical-security-update-now-available-for-netscaler-adc-and-netscaler-gateway/] OR discontinue use of the product if mitigations are unavailable.

Due date: 2023-11-08

Why this matters

Citrix NetScaler ADC and NetScaler Gateway contain a buffer overflow vulnerability that allows for sensitive information disclosure when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.

Sources

Lyrie Verdict

Lyrie's autonomous detection layer catches active exploitation primitives at machine speed — closing the gap between disclosure and weaponization that traditional defense simply can't cover.

#citrix#netscaler-adc-and-netscaler-gateway#cisa-kev#exploited-itw

Validated sources

  1. [1]CISA Known Exploited Vulnerabilities Catalog
  2. [2]NVD entry
  3. [3]MITRE CVE record