Critical vulnerabilities in Citrix NetScaler – active attacks observed
In recent weeks, several serious security vulnerabilities have been discovered in Citrix NetScaler ADC and Gateway – some of them known as “CitrixBleed 2”. Although the vulnerabilities have already been fixed by the manufacturer, experts classify them as critical.
IT security researchers report active attacks in which, among other things, existing web sessions were compromised and authentications were obtained without the knowledge of the users – suggesting that active multi-factor authentication could also be bypassed.
What happened?
Currently, CERT.at and numerous email security vendors are seeing an increase in phishing campaigns that use email attachments in Scalable Vector Graphics (SVG) format. These vector graphics contain embedded JavaScript code that can be executed by the browser when the file is opened. Attackers use this to load fake login pages or install malware – with the aim of grabbing access data. The affected SVG files often disguise themselves as invoices, voice messages, or documents to be signed.
Citrix NetScaler ADC (Application Delivery Controller) is a system that enables secure, fast, and reliable access to web applications – even under heavy loads. It is widely used in enterprises for load balancing, performance optimization, and security.