Vulnerabilities · HIGH

Vulnerabilities - Citrix NetScaler ADC and Gateway Alert

NCSC UK
Tags: CVE-2026-3055, CVE-2026-4368, Citrix NetScaler, SAML IDP, SSL VPN

Basically, Citrix products have security flaws that need urgent fixes to keep data safe.

Quick Summary

Citrix has revealed two critical vulnerabilities in its NetScaler ADC and Gateway products. UK organizations using these systems must act quickly to apply necessary updates. Failure to do so could result in serious data breaches and unauthorized access risks.

What Happened

Recently, Citrix disclosed two significant vulnerabilities affecting its NetScaler ADC and NetScaler Gateway products. The vulnerabilities are identified as CVE-2026-3055 and CVE-2026-4368. The first vulnerability involves insufficient input validation when configured as a SAML identity provider, leading to potential memory overreads. The second vulnerability is a race condition that can occur when the appliance is set up as a gateway, which may result in user session mix-ups.

These vulnerabilities could allow unauthorized access or manipulation of user sessions, posing serious risks to organizations that rely on these systems for secure access and load balancing. Citrix has urged users to take immediate action to mitigate these risks.

Who's Affected

Organizations utilizing the affected versions of Citrix NetScaler ADC and Gateway are at risk. Specifically:

  • CVE-2026-3055 affects versions 14.1 before 14.1-66.59 and 13.1 before 13.1-62.23.
  • CVE-2026-4368 affects version 14.1-66.54.

For both vulnerabilities, the appliances must be configured in specific ways to be vulnerable. For CVE-2026-3055, the appliance needs to be set up as a SAML identity provider. For CVE-2026-4368, it must be configured as a gateway or AAA virtual server. Only customer-managed instances require immediate remedial action.

What Data Was Exposed

The potential data exposure from these vulnerabilities includes sensitive user session information. If exploited, attackers could gain unauthorized access to user sessions, leading to data breaches or unauthorized actions within the network. The NCSC has recommended that organizations monitor their configurations closely and apply the necessary updates to safeguard against these vulnerabilities.

What You Should Do

To mitigate the risks associated with these vulnerabilities, organizations should promptly update their systems. Citrix has released patches for the affected versions:

  • Upgrade to NetScaler ADC and Gateway 14.1-66.59 or later.
  • Upgrade to NetScaler ADC and Gateway 13.1-62.23 or later.

Additionally, organizations can perform specific checks to determine whether their appliances are configured in a vulnerable manner. For CVE-2026-3055, inspect the configuration for the string "add authentication samlIdPProfile". For CVE-2026-4368, check for gateway or AAA virtual server configuration. Regular monitoring of Citrix's security bulletins is also advised to stay informed about any further updates or patches.
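The two checks above (is the running build in an affected range, and does the configuration actually enable the vulnerable role) can be scripted so that a fleet of appliances is triaged consistently. The following is an added example written for this page, not code from Citrix or the NCSC. It encodes only the version boundaries and configuration conditions stated above; the sample ns.conf lines are constructed, and the `add vpn vserver` / `add authentication vserver` forms are assumed to be the NetScaler CLI commands that define a gateway and an AAA virtual server.

```python
import re

# Fixed builds per branch, as stated in the advisory summary above.
# Anything on these branches below the fixed build is in scope for CVE-2026-3055.
FIXED_BUILDS = {"14.1": (66, 59), "13.1": (62, 23)}

# The single build the page names for CVE-2026-4368.
CVE_2026_4368_BUILD = "14.1-66.54"

# NetScaler build strings look like "14.1-66.54": <major>.<minor>-<build>.<sub>
VERSION_RE = re.compile(r"^(\d+)\.(\d+)-(\d+)\.(\d+)$")

# Constructed sample configuration (not from a real appliance) showing an
# appliance acting as both a SAML IdP and a gateway/AAA server.
SAMPLE_NS_CONF = """\
add lb vserver web_lb HTTP 10.0.0.5 80
add authentication samlIdPProfile idp_prof -samlIdPCertName idp_cert
add authentication vserver aaa_vs SSL 10.0.0.6 443
add vpn vserver gw_vs SSL 10.0.0.7 443
"""


def parse_build(version):
    """Split '14.1-66.54' into ('14.1', (66, 54)) so builds compare numerically."""
    m = VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised NetScaler build string: {version!r}")
    major, minor, build, sub = map(int, m.groups())
    return f"{major}.{minor}", (build, sub)


def version_affected(version):
    """Return the set of CVE ids whose *version* condition matches this build.

    Branches the page does not mention (e.g. 12.1) yield an empty set; the
    page gives no information about them, so nothing is claimed.
    """
    branch, build = parse_build(version)
    hits = set()
    fixed = FIXED_BUILDS.get(branch)
    if fixed is not None and build < fixed:
        hits.add("CVE-2026-3055")
    if version.strip() == CVE_2026_4368_BUILD:
        hits.add("CVE-2026-4368")
    return hits


def config_exposure(ns_conf):
    """Scan ns.conf text for the configuration roles each CVE requires.

    Matching is done on tokenised 'add <feature> <object>' lines, case-
    insensitively, so 'Add authentication samlIdPProfile' is caught too.
    """
    saml_idp = False
    gateway_or_aaa = False
    for line in ns_conf.splitlines():
        tokens = line.strip().split()
        if len(tokens) < 3 or tokens[0].lower() != "add":
            continue
        kind = (tokens[1].lower(), tokens[2].lower())
        if kind == ("authentication", "samlidpprofile"):
            saml_idp = True
        elif kind in (("vpn", "vserver"), ("authentication", "vserver")):
            gateway_or_aaa = True
    return {"saml_idp": saml_idp, "gateway_or_aaa": gateway_or_aaa}


def assess(version, ns_conf):
    """A CVE applies only when both its version and its configuration condition hold."""
    hits = version_affected(version)
    cfg = config_exposure(ns_conf)
    applicable = []
    if "CVE-2026-3055" in hits and cfg["saml_idp"]:
        applicable.append("CVE-2026-3055")
    if "CVE-2026-4368" in hits and cfg["gateway_or_aaa"]:
        applicable.append("CVE-2026-4368")
    return applicable


if __name__ == "__main__":
    for build in ("14.1-66.54", "13.1-62.22", "14.1-66.59"):
        print(build, "->", assess(build, SAMPLE_NS_CONF) or "not affected per this advisory")
```

Run it against the output of `show ns version` and a copy of ns.conf from each appliance; an empty result for a build the page lists as affected means the vulnerable role is simply not configured, which still does not remove the need to upgrade to the fixed build.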

🔒 Pro insight: Organizations must prioritize patching these vulnerabilities to prevent potential session hijacking and unauthorized access to sensitive data.

Original article from NCSC UK

