CVE-2023-4966
Published Oct 10, 2023
Last updated 6 months ago
- Description
- Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.
- Source
- secure@citrix.com
- NVD status
- Analyzed
- Products
- netscaler_application_delivery_controller, netscaler_gateway
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- Severity
- HIGH
Data from CISA
- Vulnerability name
- Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability
- Exploit added on
- Oct 18, 2023
- Exploit action due
- Nov 8, 2023
- Required action
- Apply mitigations and kill all active and persistent sessions per vendor instructions [https://www.netscaler.com/blog/news/cve-2023-4966-critical-security-update-now-available-for-netscaler-adc-and-netscaler-gateway/] OR discontinue use of the product if mitigations are unavailable.
- secure@citrix.com
- CWE-119
- nvd@nist.gov
- NVD-CWE-noinfo
- Hype score
- Not currently trending
🔒 #CyberSecurity CVE-2023-3519 & CVE-2023-4966: Critical Citrix NetScaler Exploitation — Detecti… "Defenders are currently facing a critical window of exposure. Recent intelligence from…" 🔗 https://t.co/BpxuJHswFI #CyberSecurity #ThreatIntel #vulnerability #cv
@SecurityAr58409
15 Apr 2026
64 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Forget goldfish. Hackers have a better memory, and they are using it to bleed your Citrix NetScaler dry. 🐟 CVE-2023-4966 is the unauthorized backstage pass nobody asked for. Patch now or your session tokens become public property. Don't let your data take an unguided tour!
@zench4n
31 Mar 2026
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ We are observing an active exploitation campaign targeting Citrix NetScaler instances We have observed 500+ exploit attempts of both CitrixBleeds (CVE-2025-5777 and CVE-2023-4966) against our NetScaler decoys across multiple regions: 193.24.211.86 AS215929 🇧🇬 Data
@DefusedCyber
16 Mar 2026
10826 Impressions
25 Retweets
66 Likes
25 Bookmarks
1 Reply
1 Quote
🚨 Unmasking the Citrix Bleed: A Deep Dive into the #CVE-2023-4966 Mass Exploitation Campaign https://t.co/fX2by9wZqU Educational Purposes!
@UndercodeUpdate
8 Nov 2025
42 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CITRIXBLEED CRISIS! The critical NetScaler ADC Buffer Overflow Flaw (CVE-2023-4966) is being ACTIVELY EXPLOITED GLOBALLY right now. This vulnerability allows for unauthorized access and session hijacking. Read the full report on - https://t.co/wEhjBhYNf5 https://t.co/XlgPQ7IAPv
@cyberbivash
29 Sept 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
【メモリ漏洩脆弱性】Citrix NetScalerに新たな重大脆弱性CVE-2025-5777が発見され、既に実環境での悪用が確認されている。この脆弱性は2023年に世界を震撼させたCitrixBleed(CVE-2023-4966)と酷似しており、メモリの不
@nakajimeeee
6 Jul 2025
444 Impressions
1 Retweet
5 Likes
1 Bookmark
0 Replies
0 Quotes
#threatreport #LowCompleteness How Much More Must We Bleed? - Citrix NetScaler Memory Disclosure (CitrixBleed 2 CVE-2025-5777) | 04-07-2025 Source: https://t.co/XJKu0ksoJj Key details below ↓ 💀Threats: Citrix_bleed_vuln, 🔓CVEs: CVE-2023-4966 https://t.co/eZ1NKnjqmY
@rst_cloud
5 Jul 2025
167 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
   🚨 Citrix fixes critical NetScaler bug CVE-2025-5777—patch now. This out-of-bounds read flaw is similar to CitrixBleed (CVE-2023-4966) and may allow attackers to extract session tokens from memory. Affects gateway-configured devices No known explanation yet,
@modat_magnify
24 Jun 2025
191 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
i remember 2023 when i was using the CVE-2023-4966 i logged in this employee's pc and started launching all my tools, and then the employee logged back in while i was getting creds, and he saw all the tools just open. the funny thing is he just closed them and went back to work😂
@PsExec64
13 Apr 2025
3993 Impressions
1 Retweet
45 Likes
5 Bookmarks
2 Replies
0 Quotes
🚨🔍 Top 5 most exploited CVEs of 2023: 1️⃣ CVE-2023-3519 (Citrix NetScaler): Buffer overflow for remote code execution. 2️⃣ CVE-2023-4966 (Citrix NetScaler): Token leakage risk. 3️⃣ CVE-2023-20198 (Cisco IOS XE): Unauthorized admin access.
@AugustineCyber
17 Nov 2024
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
CISAから2023年に良く悪用された脆弱性のまとめが公開されていましたね。 2023 Top Routinely Exploited Vulnerabilities https://t.co/ulfm6a7TUz ◆CVE-2023-3519:Citrix ◆CVE-2023-4966:Citrix ◆CVE-2023-20198:Cisco ◆CVE-2023-20273:Cisco ◆CVE-2023-27997:Fortinet… https://t.co/5hY9DKZUl3 https://t.co/G9ylY3EdvP
@taku888infinity
13 Nov 2024
1354 Impressions
1 Retweet
8 Likes
0 Bookmarks
1 Reply
0 Quotes
The released fix CVE-2023-4966 on October 10, 2023, affected NetScaler ADC and NetScaler Gateway. This vulnerability was discovered by our internal team, and at the time of disclosure, we were not aware of any exploits in the wild. Recommended next steps: https://t.co/gq5657p6KE
@zeller_bach
27 Oct 2024
21 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
1 Quote
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:fips:*:*:*",
"matchCriteriaId": "492BEB4B-7A4B-47C2-93D1-2B0683AA3A20",
"versionEndExcluding": "12.1-55.300",
"versionStartIncluding": "12.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:ndcpp:*:*:*",
"matchCriteriaId": "81EF12C2-4197-4C0D-BE11-556F05DAD646",
"versionEndExcluding": "12.1-55.300",
"versionStartIncluding": "12.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:-:*:*:*",
"matchCriteriaId": "9EEC53B2-686A-4C6F-98DE-5D6AE804B0A8",
"versionEndExcluding": "13.0-92.19",
"versionStartIncluding": "13.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:fips:*:*:*",
"matchCriteriaId": "109301A8-9ADD-4A49-9C45-D21A4DA840E9",
"versionEndExcluding": "13.1-37.164",
"versionStartIncluding": "13.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:-:*:*:*",
"matchCriteriaId": "5C1739C5-48C1-46BC-A524-B4CC4C5B6436",
"versionEndExcluding": "13.1-49.15",
"versionStartIncluding": "13.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:-:*:*:*",
"matchCriteriaId": "9148C36D-98B4-4166-8B9A-449EA86BA4B1",
"versionEndExcluding": "14.1-8.50",
"versionStartIncluding": "14.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:netscaler_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5FB1412D-F8D8-4592-A8A9-C1B841B93D5E",
"versionEndExcluding": "13.0-92.19",
"versionStartIncluding": "13.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:netscaler_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "28A08B32-D145-499F-866E-BEEEDEBB2901",
"versionEndExcluding": "13.1-49.15",
"versionStartIncluding": "13.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:netscaler_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F1610E6-FE48-4339-8E74-765E0517E33D",
"versionEndExcluding": "14.1-8.50",
"versionStartIncluding": "14.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]