CVE-2023-4966

Published Oct 10, 2023

Last updated 4 months ago

Overview

AI description

Automated description summarized from trusted sources.

CVE-2023-4966 is a vulnerability that allows unauthorized disclosure of sensitive information in Citrix NetScaler ADC and NetScaler Gateway appliances. When these appliances are configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server, a buffer overflow flaw can be exploited to leak sensitive data. This vulnerability allows attackers to read sections of memory beyond the intended buffer, potentially exposing session tokens and enabling impersonation of legitimate users. Exploitation has been observed in the wild, with some attackers using it to bypass multi-factor authentication and hijack user sessions. This vulnerability affects specific versions of NetScaler ADC and NetScaler Gateway, including versions 14.1 before 14.1-8.50, 13.1 before 13.1-49.15, and 13.0 before 13.0-92.19. Citrix-managed cloud services and Citrix-managed Adaptive Authentication are not affected. The vulnerability was publicly disclosed by Citrix on October 10, 2023, and has since been added to CISA's Known Exploited Vulnerabilities Catalog due to observed exploitation.

Description: Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.
Source: secure@citrix.com
NVD status: Analyzed

Insights

Analysis from the Intruder Security Team
Published Oct 15, 2024

The NetScaler suite of products includes load balancing, firewall and VPN services, so one possible impact is compromised remote access to your private networks. NetScaler responds to certain requests by dumping memory back to the sender, which can contain access tokens for logged-in users. The exploit is as bad as whatever you’ve given access to remotely through your NetScaler system. And because they're logged-in sessions, MFA won't protect you.

More information is available in our blog post here.

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Severity: HIGH

Known exploits

Data from CISA

Vulnerability name: Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability
Exploit added on: Oct 18, 2023
Exploit action due: Nov 8, 2023
Required action: Apply mitigations and kill all active and persistent sessions per vendor instructions [https://www.netscaler.com/blog/news/cve-2023-4966-critical-security-update-now-available-for-netscaler-adc-and-netscaler-gateway/] OR discontinue use of the product if mitigations are unavailable.

Weaknesses

secure@citrix.com: CWE-119
nvd@nist.gov: NVD-CWE-noinfo

Social media

Hype score: Not currently trending
  1. 🚨 Citrix fixes critical NetScaler bug CVE-2025-5777—patch now. This out-of-bounds read flaw is similar to CitrixBleed (CVE-2023-4966) and may allow attackers to extract session tokens from memory. Affects gateway-configured devices. No known explanation yet,

    @modat_magnify, 24 Jun 2025 (191 Impressions, 0 Retweets, 0 Likes, 0 Bookmarks, 0 Replies, 0 Quotes)

  2. i remember 2023 when i was using the CVE-2023-4966 i logged in this employee's pc and started launching all my tools, and then the employee logged back in while i was getting creds, and he saw all the tools just open. the funny thing is he just closed them and went back to work😂

    @PsExec64, 13 Apr 2025 (3993 Impressions, 1 Retweet, 45 Likes, 5 Bookmarks, 2 Replies, 0 Quotes)

  3. 🚨🔍 Top 5 most exploited CVEs of 2023: 1️⃣ CVE-2023-3519 (Citrix NetScaler): Buffer overflow for remote code execution. 2️⃣ CVE-2023-4966 (Citrix NetScaler): Token leakage risk. 3️⃣ CVE-2023-20198 (Cisco IOS XE): Unauthorized admin access.

    @AugustineCyber, 17 Nov 2024 (12 Impressions, 0 Retweets, 0 Likes, 0 Bookmarks, 1 Reply, 0 Quotes)

  4. CISA has published a summary of the vulnerabilities that were frequently exploited in 2023. 2023 Top Routinely Exploited Vulnerabilities https://t.co/ulfm6a7TUz ◆CVE-2023-3519: Citrix ◆CVE-2023-4966: Citrix ◆CVE-2023-20198: Cisco ◆CVE-2023-20273: Cisco ◆CVE-2023-27997: Fortinet… https://t.co/5hY9DKZUl3 https://t.co/G9ylY3EdvP

    @taku888infinity, 13 Nov 2024 (1354 Impressions, 1 Retweet, 8 Likes, 0 Bookmarks, 1 Reply, 0 Quotes)

  5. The released fix CVE-2023-4966 on October 10, 2023, affected NetScaler ADC and NetScaler Gateway. This vulnerability was discovered by our internal team, and at the time of disclosure, we were not aware of any exploits in the wild. Recommended next steps: https://t.co/gq5657p6KE

    @zeller_bach, 27 Oct 2024 (21 Impressions, 0 Retweets, 1 Like, 0 Bookmarks, 0 Replies, 1 Quote)

Configurations