Critical Citrix NetScaler Vulnerability Under Active Exploitation Less Than a Week After Disclosure
Security researchers warn that in-the-wild exploitation of a critical Citrix NetScaler vulnerability has begun, with evidence of attacks starting within days of public disclosure.
Key Points
- Critical Citrix NetScaler vulnerability now being exploited in the wild
- Flaw allows memory leakage to obtain authenticated administrative session IDs
- Exploitation evidence dates back to March 27, just days after disclosure
- Compared to infamous CitrixBleed and CitrixBleed2 vulnerabilities
Full Details
In-the-wild exploitation of a critical-severity Citrix NetScaler vulnerability has started less than a week after public disclosure, according to attack surface management firm WatchTowr. The critical flaw allows attackers to leak application memory and can be exploited to obtain authenticated administrative session IDs. Immediately after Citrix disclosed the security defect, WatchTowr warned that threat actors would likely start exploiting it shortly and compared it with the infamous CitrixBleed and CitrixBleed2 bugs that have been heavily exploited in the past. The vulnerability covers multiple memory overread issues that can be exploited using crafted requests to leak sensitive memory from the application. According to WatchTowr, evidence suggests that in-the-wild exploitation of vulnerable NetScaler instances started by at least March 27, just days after the vulnerability became public.
Why It Matters
The rapid exploitation of Citrix NetScaler vulnerabilities following disclosure highlights the need for extremely fast patching cycles for network infrastructure devices, as threat actors actively monitor for new vulnerabilities.
Get stories like this delivered daily
AI-curated news, personalized to your interests. Zero noise.
Start 7-Day Free Trial →More in Global News
One Month Into Iran War: Global Economy Faces Major Disruptions
One month after the US and Israeli war on Iran began, the global economy is experiencing the largest supply disruption in oil market history, with cascading effects on inflation, air travel, food prices, and even semiconductor chip production.
AI Targeting Systems in Iran Conflict Raise 'Cold War' Concerns
Reports confirm Palantir's AI targeting systems used in Ukraine are now being integrated into Iranian drone operations, sparking concerns about an emerging AI arms race and ethical questions about autonomous warfare.
G7 Policymakers Hold Crisis Talks as Iran-Russia War Roils Global Economy
Top western G7 policymakers convened emergency discussions to address the economic turmoil caused by the ongoing Iran-Russia war, as the conflict continues to strain global supply chains and markets.
WTO E-Commerce Duties Moratorium Expires as Global Trade Talks Stall
The global moratorium on customs duties for digital downloads and streaming has expired after WTO ministers in Yaoundé, Cameroon failed to reach an extension agreement, with talks now moving to Geneva.