Citrix Bleed exploit lets hackers hijack NetScaler accounts
25-Oct-23
The ‘Citrix Bleed’ vulnerability, identified as CVE-2023-4966, has a proof-of-concept (PoC) exploit that allows attackers to acquire authentication session cookies from vulnerable Citrix NetScaler ADC and NetScaler Gateway equipment.
Citrix addressed CVE-2023-4966, a critical-severity remotely exploited information disclosure bug, on October 10 without disclosing many specifics.Mandiant disclosed on October 17 that the weakness had been leveraged as a zero-day in limited assaults from late August 2023. Citrix issued a follow-up warning to administrators of NetScaler ADC and Gateway appliances on Monday, asking them to patch the bug as soon as possible because the pace of exploitation has begun to increase.
