A Longstanding Zero-Day in Citrix Devices Exploited Since August
A Longstanding Zero-Day in Citrix Devices Exploited Since August
Threat Level
Vulnerability Report
For a detailed threat advisory, download the pdf file here
Summary
A zero-day exploit, “Citrix Bleed,” identified as CVE-2023-4966, has been actively targeting critical vulnerabilities in Citrix NetScaler ADC/Gateway devices since late August 2023. This exploit has the potential to allow attackers to steal authentication sessions and hijack accounts.
To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.