- Description
- Unauthenticated remote code execution
- Source
- secure@citrix.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
Data from CISA
- Vulnerability name
- Citrix NetScaler ADC and NetScaler Gateway Code Injection Vulnerability
- Exploit added on
- Jul 19, 2023
- Exploit action due
- Aug 9, 2023
- Required action
- Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
- Hype score
- Not currently trending
🚨 RansomHub: A top ransomware threat of 2024. ⚠️ Exploiting Citrix ADC (CVE-2023-3519), Zerologon (CVE-2020-1472) ⚠️ Mimikatz + PsExec + AnyDesk = Stealthy lateral movement ⚠️ Curve 25519 encryption + cloud exfiltration = No easy recovery Red Report 2025 highlights why this… h
@PicusSecurity
12 Mar 2025
164 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 Rising Threat: INC Ransomware 🚨 This group exploits CVE-2023-3519 & spear-phishing to infiltrate networks. Their double-extortion tactics are expanding. Expect more high-impact breaches. Stay ahead: https://t.co/lXbEoxPphL #CyberSecurity #ThreatHunting #InfoSec
@TWX_Assassins
11 Mar 2025
52 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 China-backed Silk Typhoon is shifting tactics! Now targeting IT supply chains via stolen API keys & cloud app credentials. They hit MSPs, healthcare, govt & more. Key exploits: Ivanti VPN (CVE-2025-0282), Palo Alto firewalls (CVE-2024-3400), Citrix (CVE-2023-3519).
@hacktoria
7 Mar 2025
376 Impressions
2 Retweets
1 Like
0 Bookmarks
0 Replies
1 Quote
Hive ransomware targets healthcare and financial sectors with a Ransomware-as-a-Service (RaaS) model, exploiting vulnerabilities like CVE-2023-3519 and using double extortion tactics. #CyberSecurity #HiveRansomware #DataProtection https://t.co/TFvwvQcX93
@ThreatCure_25
6 Dec 2024
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Don’t let Citrix risks derail your operations—fix them before they turn into disasters. 🚀 🛡️ Patch CVEs like CVE-2023-3519 📈 Streamline resource allocation 🛠️ Strengthen security protocols Discover how to secure your #Citrix environment in our blog: https://t.co/gzPp1jIr9
@Insentra
5 Dec 2024
46 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2023-3519
@transilienceai
21 Nov 2024
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨🔍 Top 5 most exploited CVEs of 2023: 1️⃣ CVE-2023-3519 (Citrix NetScaler): Buffer overflow for remote code execution. 2️⃣ CVE-2023-4966 (Citrix NetScaler): Token leakage risk. 3️⃣ CVE-2023-20198 (Cisco IOS XE): Unauthorized admin access.
@AugustineCyber
17 Nov 2024
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
INC Ransomware Alert: Exploiting CVE-2023-3519, leveraging HackTool.ProcTerminator for evasion, & HackTool.PS1.VeeamCreds for credential theft. Get the latest insights on this evolving threat! https://t.co/PwuhfX1cy2 #CyberSecurity #Ransomware #ThreatIntelligence
@TrendMicroAMEA
15 Nov 2024
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISAから2023年に良く悪用された脆弱性のまとめが公開されていましたね。 2023 Top Routinely Exploited Vulnerabilities https://t.co/ulfm6a7TUz ◆CVE-2023-3519:Citrix ◆CVE-2023-4966:Citrix ◆CVE-2023-20198:Cisco ◆CVE-2023-20273:Cisco ◆CVE-2023-27997:Fortinet… https://t.co/5hY9DKZUl3 https://t.co/G9ylY3EdvP
@taku888infinity
13 Nov 2024
1354 Impressions
1 Retweet
8 Likes
0 Bookmarks
1 Reply
0 Quotes
When I'm bored I look for this kind of #Opendir. Same TA behind? 🤔 #Citrix CVE-2023-3519 exploit and #shellcode hxxp://155.248.183.38:8000/README.md hxxp://155.248.183.38:8000/📷 hxxp://128.199.145.171:88/📷 https://t.co/WhEs4soOz3
@ShanHolo
3 Nov 2024
319 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:fips:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8927B2FA-F87E-4D81-AC29-9032184ECB7E",
"versionEndExcluding": "12.1-55.297",
"versionStartIncluding": "12.1"
},
{
"criteria": "cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:ndcpp:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9845E7B1-5604-497D-8241-048E91987C13",
"versionEndExcluding": "12.1-55.297",
"versionStartIncluding": "12.1"
},
{
"criteria": "cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AD949674-8DC1-4B0D-8C0C-F593539E12F1",
"versionEndExcluding": "13.0-91.13",
"versionStartIncluding": "13.0"
},
{
"criteria": "cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:fips:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BD0739E3-F7A4-463C-96B0-9D7BDBF218C4",
"versionEndExcluding": "13.1-37.159",
"versionStartIncluding": "13.1"
},
{
"criteria": "cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FCEED8AC-F9A9-4F75-BB32-F53967A8E9A0",
"versionEndExcluding": "13.1-49.13",
"versionStartIncluding": "13.1"
},
{
"criteria": "cpe:2.3:a:citrix:netscaler_gateway:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BC825A83-8D84-42C7-868F-0470FF79D497",
"versionEndExcluding": "13.0-91.13",
"versionStartIncluding": "13.0"
},
{
"criteria": "cpe:2.3:a:citrix:netscaler_gateway:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "442F6925-199D-4E5B-84C1-05C4D8108B62",
"versionEndExcluding": "13.1-49.13",
"versionStartIncluding": "13.1"
}
],
"operator": "OR"
}
]
}
]