
CVE-2023-4966 - Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability

Project: Citrix

Product: NetScaler ADC and NetScaler Gateway

Date Added: 2023-10-18

Due Date: 2023-11-08

Vulnerability Name

Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability

Description

Citrix NetScaler ADC and NetScaler Gateway contain a buffer overflow vulnerability that allows for sensitive information disclosure when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.

Known To Be Used in Ransomware Campaigns?

Known

Action

Apply mitigations and kill all active and persistent sessions per vendor instructions [https://www.netscaler.com/blog/news/cve-2023-4966-critical-security-update-now-available-for-netscaler-adc-and-netscaler-gateway/] OR discontinue use of the product if mitigations are unavailable.

Additional Notes

https://www.netscaler.com/blog/news/cve-2023-4966-critical-security-update-now-available-for-netscaler-adc-and-netscaler-gateway/, https://support.citrix.com/article/CTX579459/netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20234966-and-cve20234967

https://nvd.nist.gov/vuln/detail/CVE-2023-4966

Related News Articles

CISA tags Citrix Bleed 2 as exploited, gives agencies a day to patch - July 11, 2025

CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises - July 11, 2025

Public exploits released for Citrix Bleed 2 NetScaler flaw, patch now - July 8, 2025

CitrixBleed 2 might be actively exploited (CVE-2025-5777) - June 30, 2025

Citrix Bleed 2 flaw now believed to be exploited in attacks - June 27, 2025