Security organization Fox-IT, which is part of NCC Group, reports that an unknown hacker has exploited the recently discovered critical vulnerability CVE-2023-3519 to create backdoors in Citrix Netscaler products. The attacker must place webshells on vulnerable netscalers so that they can have continued access to it. The attacker can then remotely execute arbitrary code, even if a Netscaler product is subsequently patched.
As of August 14, 31127 netscalers should be vulnerable to CVE-2023-3519 and 1828 backdoors should remain active. Of the netscalers that have backdoors, 1248 must be patched for CVE-2023-3519. Among the countries with the highest number of victims were Germany, France, Switzerland, Japan, Italy, Spain, the Netherlands, Ireland, Sweden and Austria. NCC Group writes that Fox-IT, in collaboration with the Netherlands Institute for Vulnerability Detection, will notify affected parties.
Administrators are advised to patch Netscaler as this still means the backdoor can be isolated. The NCC group also recommends doing a leveling review indicator with netscalers regardless of when a patch is added.
Also read: Finansinspektionen warns – Don’t let scammers take over your computer
More Stories
EA President Talks New Dragon Age: 'A Return to What Made Bioware Great'
She thought she had bought a phone – she was shocked by its contents
Rumor: Lots of AI in Google's Pixel 10 and 11 cameras