July 20, 2023

Citrix CVE-2023-3519

July 20, 2023

What we know so far

The Cybersecurity and Infrastructure Security Agency (CISA) is issuing a Cybersecurity Advisory to alert network defenders about a critical vulnerability, CVE-2023-3519, affecting NetScaler ADC and NetScaler Gateway. In June 2023, threat actors exploited this zero-day vulnerability to deploy a webshell on a critical infrastructure organization's NetScaler ADC appliance. To assist in identifying system compromise, this advisory offers tactics, techniques, and procedures (TTPs) and detection methods shared by the victim, encouraging critical infrastructure organizations to adopt the guidance. CISA also recommends applying Citrix's patch immediately if no compromise is detected.

Arrow Right

Schedule a test

Subscribe to advisory alerts

Be immediately notified of new advisories and associated security tests

More advisories