Citrix Bleed: Mass exploitation in progress (CVE-2023-4966)

CVE-2023-4966, aka “Citrix Bleed”, a critical information disclosure vulnerability affecting Citrix NetScaler ADC/Gateway devices, is being massively exploited by threat actors. According to security researcher Kevin Beaumont’s cybersecurity industry sources, one ransomware group has already distributed a Python script to automate the attack chain to their operators, and other groups have started leveraging a working exploit. CVE-2023-4966 exploited Threat actors have been quick to leverage vulnerabilities in Citrix NetScaler ADC in the past, and this … More →

The post …

adc assetnote attack attack chain citrix citrix netscaler citrix netscaler adc critical cve cybersecurity cybersecurity industry devices disclosure distributed don't miss exploit exploitation exploited gateway hardware hot stuff industry information information disclosure information disclosure vulnerability kevin kevin beaumont mandiant netscaler netscaler adc progress python python script ransomware ransomware group researcher script security security researcher threat threat actors vulnerability