According to the British information assurance company NCC Group, a threat actor automated the exploitation of a recent Citrix vulnerability and infected about 2,000 NetScaler instances with a backdoor.
The critical vulnerability, identified as CVE-2023-3519, was disclosed as a zero-day last month and has been exploited since June 2023, including in attacks against organizations that support critical infrastructure.
On vulnerable Citrix Application Delivery Controller (ADC) and Gateway appliances that are configured as a gateway or AAA virtual server, the flaw enables remote, unauthenticated attackers to execute arbitrary code.
Bishop Fox, a cybersecurity company, issued a warning about the vulnerability of more than 20,000 Citrix appliances about a week after Citrix issued patches for the bug.
Read More: 2,000 Citrix NetScaler Instances Backdoored via Recent Vulnerability
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.