date 2024-01-17

Citrix has warned its NetScaler ADC and NetScaler Gateway customers about two critical zero-day vulnerabilities that are being actively exploited in the wild.

Tracked as CVE-2023-6548 and CVE-2023-6549, the vulnerabilities allow miscreants to perform remote code execution (RCE) and denial-of-service (DoS) attacks, respectively, against the affected devices.

“The vulnerabilities only apply to customer-managed NetScaler ADC and NetScaler Gateway products,” Citrix said in a security advisory. “Customers using Citrix-managed cloud services or Citrix-managed Adaptive Authentication do not need to take any action.”

NetScaler Application Delivery Controller (ADC) and NetScaler Gateway are network appliances designed to support the performance, security, and availability of applications and services within enterprise networks.

Flaws need prerequisites for exploitation

The RCE-enabling flaw (CVE-2023-6548) only affects the appliances' management interface, according to Citrix. The bug can therefore be mitigated by simple network segregation: keeping the management interface on its own network, separate from data-plane traffic.

“Cloud Software Group strongly recommends that network traffic to the appliance’s management interface is separated, either physically or logically, from normal network traffic,” Citrix said. “In addition, we recommend that you do not expose the management interface to the internet, as explained in the secure deployment guide.”
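One way a defender can turn the segregation advice above into a repeatable check is to audit an inventory of appliances for two conditions: the management address (NSIP) sits inside the organisation's designated management network, and that management subnet does not overlap any data-plane subnet (SNIPs or VIPs). The script below is an added example, not Citrix's code or tooling; the inventory format, the `MGMT_NETS` allowlist and all addresses are constructed for illustration.

```python
"""Audit a NetScaler inventory for management-interface segregation.

Added example, not from the Citrix advisory. The inventory layout,
field names, MGMT_NETS policy and sample addresses are constructed.
NetScaler terms: NSIP = management IP, SNIP = subnet IP for back-end
traffic, VIP = virtual server (client-facing) IP.
"""
import ipaddress

# Constructed policy: the only subnets where a management IP may live.
MGMT_NETS = [ipaddress.ip_network("10.250.0.0/16")]

# Constructed sample inventory: one compliant and one non-compliant box.
APPLIANCES = [
    {"name": "ns-good", "nsip": "10.250.1.5/24",
     "snips": ["10.20.0.5/24"], "vips": ["203.0.113.10/32"]},
    {"name": "ns-bad", "nsip": "10.20.0.250/24",        # NSIP on data subnet
     "snips": ["10.20.0.5/24"], "vips": ["203.0.113.10/32"]},
]


def audit_appliance(app):
    """Return a list of findings for one appliance (empty list = OK).

    Check 1: the NSIP must fall inside an approved management network.
    Check 2: the NSIP's subnet must not overlap any SNIP/VIP subnet,
             i.e. management traffic is at least logically segregated.
    """
    findings = []
    mgmt = ipaddress.ip_interface(app["nsip"])
    if not any(mgmt.ip in net for net in MGMT_NETS):
        findings.append(f"{app['name']}: NSIP {mgmt.ip} is outside the "
                        f"approved management networks")
    for addr in app["snips"] + app["vips"]:
        data_net = ipaddress.ip_interface(addr).network
        if mgmt.network.overlaps(data_net):
            findings.append(f"{app['name']}: management subnet "
                            f"{mgmt.network} overlaps data-plane subnet "
                            f"{data_net}")
    return findings


def audit(appliances=APPLIANCES):
    """Audit every appliance; maps appliance name -> list of findings."""
    return {app["name"]: audit_appliance(app) for app in appliances}


if __name__ == "__main__":
    for name, findings in audit().items():
        print(name, "OK" if not findings else "; ".join(findings))
```

Feeding the script a real inventory export and alerting on any non-empty finding list gives a standing control that catches a management interface drifting onto a routable or shared subnet.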