Citrix Bleed exploit lets hackers hijack NetScaler accounts


The ‘Citrix Bleed’ vulnerability, identified as CVE-2023-4966, has a proof-of-concept (PoC) exploit that allows attackers to acquire authentication session cookies from vulnerable Citrix NetScaler ADC and NetScaler Gateway equipment.

Citrix addressed CVE-2023-4966, a critical-severity remotely exploited information disclosure bug, on October 10 without disclosing many specifics.Mandiant disclosed on October 17 that the weakness had been leveraged as a zero-day in limited assaults from late August 2023. Citrix issued a follow-up warning to administrators of NetScaler ADC and Gateway appliances on Monday, asking them to patch the bug as soon as possible because the pace of exploitation has begun to increase.

Read More…