Summary
Citrix NetScaler ADC and Gateway are facing active exploitation of a critical memory overread vulnerability, CVE-2026-3055 (CVSS score 9.3), which allows unauthenticated attackers to steal administrative session IDs and sensitive data.
Take Action:
If you are using NetScaler, this is now urgent: the devices are under attack. If possible, make sure your NetScaler ADC and Gateway appliances are isolated from the internet and accessible from trusted networks only. Then plan an urgent update. Update the firmware to the fixed versions (14.1-66.59, 13.1-62.23, or 13.1-37.262 for FIPS/NDcPP).
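To find which appliances still need the update, the following added example (not from the original article or from Citrix) compares reported firmware builds against the fixed versions listed above. It assumes that builds below the fixed build on the same release need the update, that the version string looks like `14.1-66.59` or `NS14.1: Build 66.59.nc`, and that you supply the edition yourself; the appliance names are constructed.

```python
import re

# Fixed builds as stated in the advisory text: (release, edition) -> minimum build.
FIXED = {
    ("14.1", "standard"): (66, 59),
    ("13.1", "standard"): (62, 23),
    ("13.1", "fips"): (37, 262),  # FIPS/NDcPP
}

# Assumed input formats: "14.1-66.59" or "NS14.1: Build 66.59.nc".
_VERSION_RE = re.compile(r"(\d+\.\d+)(?:-|:\s*Build\s+)(\d+)\.(\d+)")


def classify(version, edition="standard"):
    """Return 'fixed', 'needs-update' or 'unknown' for one appliance."""
    match = _VERSION_RE.search(version)
    if not match:
        return "unknown"  # unparseable string: check the appliance by hand
    release = match.group(1)
    # Compare build parts as integers: 66.6 is older than 66.59,
    # which a string or float comparison would get wrong.
    build = (int(match.group(2)), int(match.group(3)))
    minimum = FIXED.get((release, edition))
    if minimum is None:
        return "unknown"  # release not listed in the advisory text
    return "fixed" if build >= minimum else "needs-update"


def triage(inventory):
    """Map appliance name -> status for (name, version, edition) rows."""
    return {name: classify(version, edition) for name, version, edition in inventory}


# Constructed sample inventory for illustration only.
INVENTORY = [
    ("gw-edge-01", "NS14.1: Build 66.6.nc", "standard"),
    ("gw-edge-02", "14.1-66.59", "standard"),
    ("adc-dc-01", "13.1-62.23", "standard"),
    ("adc-fips-01", "13.1-37.250", "fips"),
    ("adc-old-01", "13.0-92.21", "standard"),
]

if __name__ == "__main__":
    for name, status in triage(INVENTORY).items():
        print(f"{name}: {status}")
```

Anything reported as `unknown` is on a release the text above does not list and should be checked against the vendor bulletin.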
This article was originally published on BeyondMachines