Citrix NetScaler ADC and Gateway Vulnerabilities Put Organizations at Risk

by do son · Published November 12, 2024 · Updated November 12, 2024

Citrix has issued a security bulletin warning of two vulnerabilities affecting NetScaler ADC and NetScaler Gateway, products that provide application delivery and security services. The vulnerabilities, tracked as CVE-2024-8534 and CVE-2024-8535, could allow attackers to disrupt services or gain unauthorized access to sensitive information.

CVE-2024-8534 is a memory safety vulnerability that could lead to memory corruption and denial of service. An attacker could exploit this vulnerability by sending a specially crafted request to the affected system, potentially causing it to crash or become unavailable. This vulnerability has a CVSS v4.0 base score of 8.4, indicating a high severity level.

CVE-2024-8535 is an authentication bypass vulnerability that could allow an authenticated user to access unintended capabilities. An attacker could exploit this vulnerability to gain access to sensitive data or functionality that they are not authorized to access. This vulnerability has a CVSS v4.0 base score of 5.8, indicating a medium severity level.

The vulnerabilities affect the following supported versions of NetScaler ADC and NetScaler Gateway:

NetScaler ADC and NetScaler Gateway 14.1 BEFORE 14.1-29.72
NetScaler ADC and NetScaler Gateway 13.1 BEFORE 13.1-55.34
NetScaler ADC 13.1-FIPS BEFORE 13.1-37.207
NetScaler ADC 12.1-FIPS BEFORE 12.1-55.321
NetScaler ADC 12.1-NDCPP BEFORE 12.1-55.321

Citrix has released updated versions of NetScaler ADC and NetScaler Gateway that address these vulnerabilities. Customers are strongly encouraged to install the relevant updates as soon as possible to protect their systems from attack.

In addition to installing the updates, Citrix recommends that customers take the following steps to mitigate the risk of these vulnerabilities:

Review their configurations to determine if they are using any of the features that are affected by these vulnerabilities.
Restrict access to their NetScaler ADC and NetScaler Gateway appliances to only trusted users and devices.
Monitor their systems for any suspicious activity.

Customers who are using Citrix-managed cloud services or Citrix-managed Adaptive Authentication are not affected by these vulnerabilities and do not need to take any action.

Organizations that use NetScaler ADC or NetScaler Gateway are encouraged to visit the Citrix website for more information about these vulnerabilities and to download the latest updates.