Citrix Vulnerability Exposes Risk of Account Takeover
Citrix has disclosed critical security vulnerabilities affecting NetScaler ADC and NetScaler Gateway, widely used enterprise networking solutions. The flaws, tracked as CVE-2026-3055 and CVE-2026-4368, could allow attackers to compromise systems under certain configurations.
The advisory warns that affected deployments include multiple supported versions of NetScaler ADC and Gateway, making this a significant concern for organizations relying on these products for remote access and authentication services.
Critical Vulnerabilities Identified
The most severe issue, CVE-2026-3055, carries a CVSS score of 9.3, indicating critical severity. It stems from insufficient input validation that can lead to a memory overread condition. This vulnerability can be exploited when the system is configured as a SAML Identity Provider.
Another flaw, CVE-2026-4368, is rated 7.7 (High severity) and involves a race condition that can result in user session mix-ups. This could allow attackers to interfere with active sessions in environments using VPN or authentication services.
CVE Breakdown Table
| CVE ID | Severity | Description | Preconditions | CVSS |
|---|---|---|---|---|
| CVE-2026-3055 | Critical | Memory overread due to insufficient input validation | SAML IDP configuration required | 9.3 |
| CVE-2026-4368 | High | Race condition leading to session mix-up | Gateway or AAA server configuration | 7.7 |
Affected Systems
The vulnerabilities impact the following versions:
- NetScaler ADC and Gateway 14.1 before 14.1-66.59
- NetScaler ADC and Gateway 13.1 before 13.1-62.23
- NetScaler ADC FIPS and NDcPP before 13.1-37.262
- Specific builds such as 14.1-66.54 are also affected
These systems are commonly deployed in enterprise networks, especially for VPN access, application delivery, and identity management.
Exploitation Risk
The risk is particularly high because these appliances often sit at the edge of enterprise networks. If exploited, attackers could:
- Access or manipulate user sessions
- Leak sensitive memory data
- Bypass authentication controls
- Move laterally within internal networks
Mitigation and Recommendations
Citrix strongly urges administrators to upgrade immediately to patched versions:
- 14.1-66.59 or later
- 13.1-62.23 or later
- Updated FIPS and NDcPP builds
Organizations should also audit configurations for SAML IDP profiles and gateway services to determine exposure.
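As an added example (not part of the Citrix advisory or this article), the following Python checks the output of `show ns version` against the fixed builds listed above and reports which CVE preconditions from the table appear in an `ns.conf` export; the version-string layout and the `add authentication samlIdPProfile`, `add vpn vserver` and `add authentication vserver` command prefixes are assumptions.

```python
import re

# Fixed builds from the advisory, keyed by release branch (major.minor).
FIXED_BUILDS = {
    "14.1": (66, 59),   # 14.1-66.59 or later
    "13.1": (62, 23),   # 13.1-62.23 or later
}
FIXED_FIPS_BUILD = ("13.1", (37, 262))   # NetScaler ADC FIPS / NDcPP 13.1-37.262

# Assumed layout of the first line of `show ns version`, e.g.
# "NetScaler NS14.1: Build 66.54.nc, Date: ..." (the format is an assumption).
VERSION_RE = re.compile(r"NS(\d+\.\d+):\s*Build\s+(\d+)\.(\d+)")

def parse_version(show_ns_version_output):
    """Return (release, (build_major, build_minor)) parsed from CLI output."""
    m = VERSION_RE.search(show_ns_version_output)
    if not m:
        raise ValueError("unrecognised NetScaler version string")
    return m.group(1), (int(m.group(2)), int(m.group(3)))

def is_patched(release, build, fips=False):
    """True if build >= the fixed build; None if the advisory does not list the release.
    FIPS/NDcPP appliances use the 13.1-37.x train, so they must be checked with fips=True
    or they will look unpatched against the regular 13.1-62.23 threshold."""
    if fips:
        fixed_release, fixed_build = FIXED_FIPS_BUILD
        return None if release != fixed_release else build >= fixed_build
    fixed = FIXED_BUILDS.get(release)
    return None if fixed is None else build >= fixed

# Assumed ns.conf command prefixes that create the preconditions in the table.
CONFIG_PRECONDITIONS = {
    "CVE-2026-3055": ("add authentication samlIdPProfile",),          # SAML IdP
    "CVE-2026-4368": ("add vpn vserver", "add authentication vserver"),  # Gateway / AAA
}

def exposed_cves(show_ns_version_output, ns_conf, fips=False):
    """CVEs that apply: build is unpatched AND the precondition is present in ns.conf."""
    release, build = parse_version(show_ns_version_output)
    if is_patched(release, build, fips) is not False:
        return []   # fixed build, or a release the advisory does not cover
    hits = []
    for cve, prefixes in CONFIG_PRECONDITIONS.items():
        if any(line.strip().startswith(prefixes) for line in ns_conf.splitlines()):
            hits.append(cve)
    return hits
```

A patched build with the SAML IdP or gateway configuration still present returns an empty list, since the advisory's fix removes the exposure; an unpatched build without either configuration also returns empty, which matches the preconditions column rather than meaning the upgrade can be skipped.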
Final Thoughts
These vulnerabilities highlight the continued targeting of edge infrastructure devices. With NetScaler widely used across enterprises, delayed patching could expose critical systems to active exploitation.
Security teams should treat this advisory as urgent and prioritize updates to minimize risk.