Brief

Summary:

The Cybersecurity & Infrastructure Security Agency (CISA) issued a security alert on October 10, 2023, regarding Citrix security updates that address vulnerabilities in multiple products. A malicious actor can exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Citrix security bulletins and apply the necessary updates. The alert also mentions related advisories, including Microsoft security updates, additional vulnerabilities in the catalog, and an industrial control systems advisory.

Cybersecurity & Infrastructure Security Agency

America’s Cyber Defense Agency

Alert

Release Date

Citrix has released security updates to address vulnerabilities affecting multiple products. A malicious cyber actor can exploit one of these vulnerabilities to take control of an affected system.

CISA encourages users and administrators to review the following Citrix security bulletins and apply the necessary updates:

Summary: Cybersecurity and Infrastructure Security Agency (CISA) Alert

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert regarding the release of security updates by Citrix to address vulnerabilities affecting multiple products. On October 10, 2023, Citrix published security bulletins for CVE-2023-4966 and CVE-2023-4967, which affect NetScaler ADC and NetScaler Gateway products.

According to CISA, a malicious cyber actor can exploit one of these vulnerabilities to gain control of an affected system. Therefore, CISA recommends that users and administrators review the security bulletins and apply the necessary updates to ensure the security and integrity of their systems.

In addition to the Citrix security updates, the document also highlights several other security-related advisories released by CISA on October 10, 2023, including:

Microsoft’s October 2023 security updates
CISA’s addition of five known vulnerabilities to its catalog
CISA’s release of an industrial control systems advisory
An alert regarding the HTTP/2 rapid reset vulnerability, CVE-2023-44487

These advisories are intended to inform users of the importance of maintaining up-to-date software and security patches to protect against potential cyber threats.

Recommendations:

CISA encourages users and administrators to:

1. Review the Citrix security bulletins for CVE-2023-4966 and CVE-2023-4967
2. Apply necessary updates to affected systems
3. Stay informed about the latest security advisories and updates from Microsoft, Citrix, and other reputable sources.

Additional Resources:

Citrix Security Bulletins (CVE-2023-4966 and CVE-2023-4967)
CISA’s Catalog of Known Vulnerabilities
Microsoft’s October 2023 Security Updates
CISA’s Industrial Control Systems Advisory
HTTP/2 Rapid Reset Vulnerability, CVE-2023-44487
