On March 23, 2026, Citrix published a security advisory for a critical vulnerability affecting their NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway) products.
This vulnerability, CVE-2026-3055, which is classified as an out-of-bounds read and holds a CVSS score of 9.3, allows unauthenticated remote attackers to leak potentially sensitive information from the appliance’s memory. The Citrix advisory states that systems configured as a SAML Identity Provider (SAML IDP) are vulnerable, whereas default configurations are unaffected. This SAML IDP configuration is likely a very common configuration for organizations utilizing single sign-on.
Read more…
Source: Rapid7
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- NSA: Top 25 vulnerabilities actively abused by Chinese hackers
October 19, 2020
The U.S. National Security Agency (NSA) warns that Chinese state-sponsored hackers exploit 25 different vulnerabilities in attacks against U.S. organizations and interests. In an advisory issued today, the NSA said that it is aware of targeted attacks by Chinese state-sponsored hackers against National Security Systems (NSS), the U.S. Defense Industrial Base (DIB), and the Department of ...
- Operation Earth Kitsune, Tracking SLUB’s Current Operations
October 19, 2020
Trend Micro have already published findings on the SLUB malware’s past campaigns. In our latest research paper, we uncovered a recent watering hole campaign that involves a new variant of the malware. The threat, which we dubbed as such due to its abuse of Slack and GitHub in previous versions, has not abused either of ...
- Three npm packages found opening shells on Linux, Windows systems
October 19, 2020
Three JavaScript packages have been removed from the npm portal on Thursday for containing malicious code. According to advisories from the npm security team, the three JavaScript libraries opened shells on the computers of developers who imported the packages into their projects. The shells, a technical term used by cyber-security researchers, allowed threat actors to connect remotely ...
- Ryuk Ransomware Gang Uses Zerologon Bug for Lightning-Fast Attack
October 19, 2020
The Ryuk threat actors have struck again, moving from sending a phishing email to complete encryption across the victim’s network in just five hours. That breakneck speed is partially the result of the gang using the Zerologon privilege-escalation bug (CVE-2020-1472), less than two hours after the initial phish, researchers said. The Zerologon vulnerability allows an unauthenticated attacker ...
- Bug bounty reporter cashes out on someone else’s exploit
October 19, 2020
Bug bounty programs have gained increased momentum and interest from the security research community for their role in promoting security awareness and responsible vulnerability disclosure. But they are not without their fair share of problems. Bug bounty platforms fill a genuine need. They help companies solicit vulnerability reports in their products from pen-testers and researchers in ...
- 800,000 SonicWall VPNs vulnerable to new remote code execution bug
October 16, 2020
Almost 800,000 internet-accessible SonicWall VPN appliances will need to be updated and patched for a major new vulnerability that was disclosed on Wednesday. Discovered by the Tripwire VERT security team, CVE-2020-5135 impacts SonicOS, the operating system running on SonicWall Network Security Appliance (NSA) devices. SonicWall NSAs are used as firewalls and SSL VPN portals to filter, control, ...