A critical security vulnerability affecting Citrix NetScaler ADC and NetScaler Gateway appliances is currently being actively exploited by malicious actors. This flaw, identified as CVE-2023-6548, while technically a privilege escalation issue, is specifically being leveraged in denial-of-service (DoS) attacks targeting the management interface of vulnerable devices. Organizations using older versions of these products are strongly advised to take immediate action. The most critical step is to apply the latest security updates released by the vendor. These updates directly address the vulnerability. If applying the patches immediately is not possible, a temporary workaround involves restricting access to the affected management interface (NSIP) so it is only reachable from trusted networks or specific administrative hosts. Leaving devices unpatched and accessible exposes them to potential disruptive attacks. Immediate patching or implementing the recommended access restrictions is essential to safeguard your infrastructure.
Source: https://www.bleepingcomputer.com/news/security/citrix-warns-of-netscaler-vulnerability-exploited-in-dos-attacks/
