Citrix has released patches for a critical vulnerability affecting multiple versions of NetScaler Application Delivery Controller (ADC) and NetScaler Gateway. Tracked as CVE-2023-4966, the flaw could lead to sensitive information disclosure. It affects NetScaler ADC and NetScaler Gateway versions 14.1, 13.1, 13.0, and NetScaler ADC 13.1-FIPS, 12.1-FIPS, and 12.1-NDcPP. Citrix has released updates for these products to address the vulnerability. In addition, Citrix has provided hotfixes for five vulnerabilities in Citrix Hypervisor 8.2 CU1 LTSR. These vulnerabilities could allow malicious code running in a guest VM to compromise the host, crash the host, crash another VM running on the host, or access information from code running on the same CPU core.
Read more: https://www.securityweek.com/citrix-patches-critical-netscaler-adc-gateway-vulnerability/