Unauthenticated Remote Code Execution Vulnerability Affects Cisco Firepower Products
CVE-2023-3519
Key Information:
- Vendor
- Citrix
- Status
- NetScaler ADC
- NetScaler Gateway
- Vendor
- CVE Published:
- 19 July 2023
Badges
Summary
A serious remote code execution vulnerability has been identified in Citrix ADC and Citrix Gateway products. Attackers can exploit this weakness without authentication, meaning they could potentially execute arbitrary code on the affected systems. This vulnerability affects multiple versions of the products, allowing unauthorized users to gain control and launch malicious activities. It is crucial for organizations utilizing Citrix technologies to apply relevant patches and evaluate their security posture to mitigate the risks posed by this vulnerability.
CISA Reported
CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed as being exploited and is known by the CISA as enabling ransomware campaigns.
The CISA's recommendation is: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Affected Version(s)
NetScaler ADC 13.1 < 49.13
NetScaler ADC 13.0 < 91.13
NetScaler ADC 13.1-FIPS < 37.159
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
News Articles
Cybersecurity Advisory: Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells | AHA
The Cybersecurity and Infrastructure Security Agency (CISA) is releasing this Cybersecurity Advisory to warn network defenders about exploitation of CVE-2023-3519, an unauthenticated remote code execution (RCE) vulnerability affecting NetScaler (formerly Citrix) Application Delivery Controller (ADC)...
2 months ago
Surge in exploits of zero-day vulnerabilities is ‘new normal’ warns Five Eyes alliance
In a co-authored advisory, the agencies list the top 15 most routinely exploited vulnerabilities of 2023, with CVE-2023-3519 — an issue affecting Citrix’s networking product NetScalers — being the most widely used.
2 months ago
cyfirmaCVE-2023-3519Unveiling CVE-2023-3519 : Citrix ADC & Gateway Vulnerability Analysis - CYFIRMA
Published On : 2023-08-25 EXECUTIVE SUMMARY A critical unauthenticated remote code execution vulnerability, denoted as CVE- 2023-3519, has been exposed within the architecture of Citrix ADC and...
2 months ago
References
EPSS Score
96% chance of being exploited in the next 30 days.
CVSS V3.1
Timeline
- 🟡
Public PoC available
- 📰
First article discovered by Security Affairs
- 💰
Used in Ransomware
- 👾
Exploit known to exist
- 🦅
CISA Reported
Vulnerability published
Vulnerability Reserved