Today, CISA ordered U.S. federal agencies to secure their systems against three recently patched Citrix NetScaler and Google Chrome zero-days actively exploited in attacks, pushing for a Citrix RCE bug to be patched within a week.
Citrix urged customers on Tuesday to immediately patch Internet-exposed Netscaler ADC and Gateway appliances against the CVE-2023-6548 code injection vulnerability and the CVE-2023-6549 buffer overflow impacting the Netscaler management interface that could be exploited for remote code execution and denial-of-service attacks, respectively.
[
add
]
[
|
|
...
]