Home Security Citrix NetScaler ADC and Gateway Units Underneath Assault: CISA Urges Rapid Motion

Citrix NetScaler ADC and Gateway Units Underneath Assault: CISA Urges Rapid Motion

by crpt os


Jul 21, 2023THNVulnerability / Cyber Threat

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory on Thursday warning that the newly disclosed critical security flaw in Citrix NetScaler Application Delivery Controller (ADC) and Gateway devices is being abused to drop web shells on vulnerable systems.

“In June 2023, threat actors exploited this vulnerability as a zero-day to drop a web shell on a critical infrastructure organization’s non-production environment NetScaler ADC appliance,” the agency said.

“The web shell enabled the actors to perform discovery on the victim’s active directory (AD) and collect and exfiltrate AD data. The actors attempted to move laterally to a domain controller but network segmentation controls for the appliance blocked movement.”

The shortcoming in question is CVE-2023-3519 (CVSS score: 9.8), a code injection bug that could result in unauthenticated remote code execution. Citrix, earlier this week, released patches for the issue and warned of active in-the-wild exploitation.

Successful exploitation requires the appliance to be configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or authentication, authorization, and auditing (AAA) virtual server.

CISA did not disclose the name of the organization that was impacted by the incident. The threat actor or the country allegedly behind it is presently unknown.

In the incident analyzed by CISA, the web shell is said to have enabled the collection of NetScaler configuration files, NetScaler decryption keys, and AD information, after which the data was transmitted as a PNG image file (“medialogininit.png”).

UPCOMING WEBINAR

Shield Against Insider Threats: Master SaaS Security Posture Management

Worried about insider threats? We’ve got you covered! Join this webinar to explore practical strategies and the secrets of proactive security with SaaS Security Posture Management.

Join Today

The adversary’s subsequent attempts to laterally move across the network as well as run commands to identify accessible targets and verify outbound network connectivity were thwarted due to robust network segmentation practices, the agency noted, adding the actors also attempted to delete their artifacts to cover up the tracks.

Citrix NetScaler ADC and Gateway

Vulnerabilities in gateway products such as NetScaler ADC and NetScaler Gateway have become popular targets for threat actors looking to obtain privileged access to targeted networks. This makes it imperative that users move quickly to apply the latest fixes to secure against potential threats.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.





Source link

Related Articles

xxxanti beeztube.mobi hot sexy mp4 menyoujan hentaitgp.net jason voorhees hentai indian soft core chupatube.net youjzz ez2 may 8 2023 pinoycinema.org ahensya ng pamahalaan pakistani chut ki chudai pimpmovs.com www xvedio dost ke papa zztube.mobi 300mbfilms.in صور مص الزب arabporna.net نهر العطش لمن تشعر بالحرمان movierulz plz.in bustyporntube.info how to make rangoli video 穂高ゆうき simozo.net 四十路五十路 ロシアav javvideos.net 君島みお 無修正 افلام سكس في المطبخ annarivas.net فيلم سكس قديم rashmi hot videos porncorn.info audiosexstories b grade latest nesaporn.pro high school girls sex videos real life cam eroebony.info painfull porn exbii adult pics teacherporntrends.com nepali school sex