On March 23, 2026, Citrix published a security advisory for a critical vulnerability affecting their NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway) products.
This vulnerability, CVE-2026-3055, which is classified as an out-of-bounds read and holds a CVSS score of 9.3, allows unauthenticated remote attackers to leak potentially sensitive information from the appliance’s memory. The Citrix advisory states that systems configured as a SAML Identity Provider (SAML IDP) are vulnerable, whereas default configurations are unaffected. This SAML IDP configuration is likely a very common configuration for organizations utilizing single sign-on.
Read more…
Source: Rapid7
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Multiple Internet to Baseband Remote Code Execution Vulnerabilities in Exynos Modems
April 16, 2023
In late 2022 and early 2023, Project Zero reported eighteen 0-day vulnerabilities in Exynos Modems produced by Samsung Semiconductor. The four most severe of these eighteen vulnerabilities (CVE-2023-24033, CVE-2023-26496, CVE-2023-26497 and CVE-2023-26498) allowed for Internet-to-baseband remote code execution. Tests conducted by Project Zero confirm that those four vulnerabilities allow an attacker to remotely compromise a phone ...
- Linux kernel logic allowed Spectre attack on ‘major cloud provider’
April 13, 2023
The Spectre vulnerability that has haunted hardware and software makers since 2018 continues to defy efforts to bury it. On Thursday, Eduardo (sirdarckcat) Vela Nava, from Google’s product security response team, disclosed a Spectre-related flaw in version 6.2 of the Linux kernel. Read more… Source: The Register
- CISA Releases Sixteen Industrial Control Systems Advisories
April 13, 2023
CISA released sixteen Industrial Control Systems (ICS) advisories on April 13, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSMA-23-103-01 B. Braun Battery Pack SP with Wi-Fi ICSA-23-103-01 Siemens Adaptec maxView Application ICSA-23-103-02 Siemens JT Open and JT Utilities ICSA-23-103-03 Siemens in OPC Foundation Local Discovery Server Read more… Source: U.S. Cybersecurity and Infrastructure ...
- Supply chain security for Go, Part 1: Vulnerability management
April 13, 2023
High profile open source vulnerabilities have made it clear that securing the supply chains underpinning modern software is an urgent, yet enormous, undertaking. As supply chains get more complicated, enterprise developers need to manage the tidal wave of vulnerabilities that propagate up through dependency trees. Open source maintainers need streamlined ways to vet proposed dependencies ...
- DDoS attacks shifting to VPS infrastructure for increased power
April 12, 2023
Hyper-volumetric DDoS (distributed denial of service) attacks in the first quarter of 2023 have shifted from relying on compromised IoT devices to leveraging breached Virtual Private Servers (VPS). According to internet security company Cloudflare, the newer generation of botnets gradually abandoned the tactic of building large swarms of individually weak IoT devices and are now shifting ...
- Guidance for investigating attacks using CVE-2022-21894: The BlackLotus campaign
April 11, 2023
This guide provides steps that organizations can take to assess whether users have been targeted or compromised by threat actors exploiting CVE-2022-21894 via a Unified Extensible Firmware Interface (UEFI) bootkit called BlackLotus. UEFI bootkits are particularly dangerous as they run at computer startup, prior to the operating system loading, and therefore can interfere with or ...