Citrix NetScaler bug exploited in the wild since August (CVE-2023-4966)

A recently patched Citrix NetScaler ADC/Gateway information disclosure vulnerability (CVE-2023-4966) has been exploited by attackers in the wild since late August 2023, Mandiant researchers have revealed. About CVE-2023-4966 Citrix’s security advisory, published on October 10, says that the vulnerability can lead to sensitive information disclosure, but did not explain what type of information can be disclosed to attackers. CVE-2023-4966 is exploitable remotely without authentication, and a successful attack does not hinge of user interaction. The … More →

The post …

0 day adc advisory attackers august bug citrix citrix netscaler citrix netscaler adc cve disclosure don't miss exploit exploited gateway hot stuff information information disclosure information disclosure vulnerability mandiant netscaler netscaler adc october researchers security security advisory security update sensitive sensitive information vulnerability