Introduction:

Citrix has released security updates to address a critical vulnerability in its NetScaler ADC and Gateway products that is being actively exploited in the wild. The vulnerability, tracked as CVE-2023-3519, allows an attacker to execute arbitrary code on affected devices with no authentication required.

What is CVE-2023-3519?

CVE-2023-3519 is a code injection vulnerability that affects the NetScaler ADC and Gateway products. The vulnerability occurs when the affected products process specially crafted HTTP requests. An attacker can exploit this vulnerability to execute arbitrary code on affected devices with no authentication required.

What are the affected products?

The following products are affected by CVE-2023-3519:

• NetScaler ADC and Gateway 13.1 before 13.1-49.13
• NetScaler ADC and Gateway 13.0 before 13.0-91.13
• NetScaler ADC and Gateway version 12.1 (currently end-of-life)
• NetScaler ADC 13.1-FIPS before 13.1-37.159
• NetScaler ADC 12.1-FIPS before 12.1-55.297, and
• NetScaler ADC 12.1-NDcPP before 12.1-55.297

How can I protect myself from CVE-2023-3519?

To protect yourself from CVE-2023-3519, you should apply the following security updates as soon as possible:

• NetScaler ADC and NetScaler Gateway 13.1-49.13 and later releases
• NetScaler ADC and NetScaler Gateway 13.0-91.13 and later releases of 13.0
• NetScaler ADC 13.1-FIPS 13.1-37.159 and later releases of 13.1-FIPS
• NetScaler ADC 12.1-FIPS 12.1-55.297 and later releases of 12.1-FIPS, and
• NetScaler ADC 12.1-NDcPP 12.1-55.297 and later releases of 12.1-NDcPP

What are the consequences of not patching CVE-2023-3519?

If you do not patch CVE-2023-3519, you may be vulnerable to an attack that could allow an attacker to execute arbitrary code on your affected devices. This could have a significant impact on your network security, as an attacker could use this vulnerability to gain access to your systems and data.

Conclusion:

The Citrix ADC and Gateway zero-day flaw is a serious vulnerability that should be patched as soon as possible. If you are using affected products, you should apply the security updates as soon as possible to protect your network from attack.