Citrix NetScaler Under Active Recon for CVE-2026-3055 (CVSS 9.3) Memory Overread Bug
Briefly

"We are now observing auth method fingerprinting activity against NetScaler ADC/Gateway in the wild. Attackers are probing /cgi/GetAuthMethods to enumerate enabled authentication flows in our Citrix honeypots."
"Organizations running affected Citrix NetScaler versions in affected configurations need to drop tools and patch immediately. When attacker reconnaissance shifts to active exploitation, the window to respond will evaporate."
"In recent years, a number of security vulnerabilities affecting NetScaler have come under active exploitation in the wild. It's therefore crucial that users move quickly to the latest updates as soon as possible to stay protected."
CVE-2026-3055 is a critical vulnerability (CVSS 9.3) affecting Citrix NetScaler ADC and Gateway. The flaw is insufficient input validation that leads to a memory overread, allowing attackers to leak sensitive information. Successful exploitation requires the appliance to be configured as a SAML Identity Provider. Active reconnaissance has been detected, indicating potential exploitation. Organizations using affected versions must patch immediately to mitigate risk, as previous NetScaler vulnerabilities have been actively exploited in the wild.
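To check your own front-end logs for the fingerprinting described above, the following added example (not from the original article or from Citrix) summarises requests to `/cgi/GetAuthMethods` per source address. It assumes access logs in Apache/NGINX combined format; the function names and sample lines are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import unquote

# Path named in the honeypot report quoted on this page (compared lowercased).
PROBE_PATH = "/cgi/getauthmethods"

# Assumption: combined log format; adjust the pattern to your log source.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
    r'(?: "[^"]*" "(?P<ua>[^"]*)")?'
)

def normalize(target):
    """Canonicalize a request target so trivial variants still match."""
    path = re.split(r"[?#]", target, maxsplit=1)[0]  # drop query/fragment
    path = unquote(path)                             # %47 -> G
    path = re.sub(r"/{2,}", "/", path)               # collapse '//'
    return path.rstrip("/").lower()                  # over-match on case

def find_probes(lines):
    """Return {source_ip: summary} for requests to the GetAuthMethods path."""
    hits = defaultdict(lambda: {"count": 0, "first": None, "last": None,
                                "statuses": set(), "agents": set()})
    for line in lines:
        m = LINE_RE.match(line)
        if not m or normalize(m["target"]) != PROBE_PATH:
            continue
        h = hits[m["ip"]]
        h["count"] += 1
        h["first"] = h["first"] or m["ts"]
        h["last"] = m["ts"]
        h["statuses"].add(int(m["status"]))
        if m["ua"] and m["ua"] != "-":
            h["agents"].add(m["ua"])
    return dict(hits)

# Constructed sample lines using documentation IP ranges, not real traffic.
SAMPLE = [
    '203.0.113.7 - - [01/Jan/2026:10:00:01 +0000] "GET /cgi/GetAuthMethods HTTP/1.1" 200 512 "-" "python-requests/2.31"',
    '203.0.113.7 - - [01/Jan/2026:10:00:05 +0000] "POST /cgi//GetAuthMethods?x=1 HTTP/1.1" 200 512 "-" "curl/8.0"',
    '198.51.100.9 - - [01/Jan/2026:10:02:11 +0000] "GET /cgi/%47etAuthMethods/ HTTP/1.1" 404 0 "-" "-"',
    '192.0.2.10 - - [01/Jan/2026:10:03:00 +0000] "GET /vpn/index.html HTTP/1.1" 200 1024 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for ip, info in find_probes(SAMPLE).items():
        print(ip, info["count"], info["first"], info["last"], sorted(info["statuses"]))
```

A hit is a lead to triage against known client behaviour, not proof of malicious intent; prioritise sources that appear on appliances configured as a SAML Identity Provider.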
Read at The Hacker News