Actively exploited vulnerability

CVE-2023-3519: Citrix NetScaler ADC and NetScaler Gateway Code Injection Vulnerability

Citrix NetScaler ADC and NetScaler Gateway contains a code injection vulnerability that allows for unauthenticated remote code execution.

CISA KEV source 19 Jul 2023 added 9 Aug 2023 remediation due

Affected product

Citrix · NetScaler ADC and NetScaler Gateway

Known ransomware use: Known

Required action

Follow the source advisory and validate exposure in your environment.

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Related Yasna coverage

Recent reporting that mentions CVE-2023-3519.

Bleeping Computer22 Jul 2023

Netscaler ADC bug exploited to breach US critical infrastructure org

The US government is warning that threat actors breached the network of a U.S. organization in the critical infrastructure sector after exploiting a zero-day RCE vulnerability currently identified as CVE-2023-3519, a critical-severity issue in NetScaler ADC and Gateway that Citrix patched this week. [...]

Bleeping Computer22 Jul 2023

CISA: Citrix RCE bug exploited to breach critical infrastructure org

Threat actors have breached the network of a U.S. organization in the critical infrastructure sector after exploiting a zero-day RCE vulnerability currently identified as CVE-2023-3519, a critical-severity issue in NetScaler ADC and Gateway that Citrix patched this week. [...]

Bleeping Computer19 Jul 2023

New critical Citrix ADC and Gateway flaw exploited as zero-day

Citrix today is alerting customers of a critical-severity vulnerability (CVE-2023-3519) in NetScaler ADC and NetScaler Gateway that already has exploits in the wild, and "strongly urges" to install updated versions without delay. [...]

Bleeping Computer19 Jul 2023

New critical Citrix ADC and Gateway flaw exploited as zero-days

Citrix today is alerting customers of a critical-severity vulnerability (CVE-2023-3519) in NetScaler ADC and NetScaler Gateway that already has exploits in the wild, and "strongly urges" to install updated versions without delay. [...]