Citrix addressed NetScaler console privilege escalation flaw

Citrix addressed a high-severity privilege escalation vulnerability impacting NetScaler Console and NetScaler Agent under certain conditions.

Citrix released security updates to address a high-severity security vulnerability, tracked as CVE-2024-12284 (CVSS score of 8.8), impacting NetScaler Console (formerly NetScaler ADM) and NetScaler Agent.

The vulnerability is an improper privilege management issue that could allow attackers to escalate privileges under certain conditions.

“A vulnerability has been discovered in NetScaler Console (formerly NetScaler ADM) and NetScaler Agent,” reads the advisory.

The vulnerability impacts the following supported versions:

  • NetScaler Agent 13.1 BEFORE 13.1-56.18
  • NetScaler Console 14.1 BEFORE 14.1-38.53
  • NetScaler Console 13.1 BEFORE 13.1-56.18
  • NetScaler Agent 14.1 BEFORE 14.1-38.53

The company pointed out that only authenticated users with existing access to the NetScaler Console can exploit this vulnerability.

“The issue arises due to inadequate privilege management and could be exploited by an authenticated malicious actor to execute commands without additional authorization. However, only authenticated users with existing access to the NetScaler Console can exploit this vulnerability, thereby limiting the threat surface to only authenticated users. Cloud Software Group recommends configuring external authentication for NetScaler Console as a best practice,” reads the advisory published by NetScaler. “Additionally, the potential impact on self-managed NetScaler Console is minimal because the current pre-condition of NetScaler Agent being deployed significantly reduces the blast radius.”

Cloud Software Group addressed the flaw with the release of the following versions:

  • NetScaler Console 14.1-38.53 and later releases of 14.1
  • NetScaler Console 13.1-56.18 and later releases of 13.1
  • NetScaler Agent 14.1-38.53 and later releases of 14.1
  • NetScaler Agent 13.1-56.18 and later releases of 13.1

Customers are advised to update to a fixed release as soon as possible, because there are no workarounds for this vulnerability.
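The version ranges above are easy to misread by hand (the two product lines share thresholds, but the cut-off differs per branch). The following check, an added example and not Citrix or Cloud Software Group code, parses NetScaler's `major.minor-build.rev` version strings and flags an inventory entry as needing the patch when it sits on the 13.1 or 14.1 branch below the fixed build named in the advisory; hostnames and versions in the sample inventory are constructed.

```python
import re
from typing import Dict, Tuple

# Fixed builds per branch, exactly as the advisory states them. Any earlier
# build on the same branch is affected; Console and Agent share these values.
FIXED_BUILDS = {"14.1": "14.1-38.53", "13.1": "13.1-56.18"}

# NetScaler version strings look like "14.1-38.53": major.minor-build.rev
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)-(\d+)\.(\d+)$")


def parse_version(version: str) -> Tuple[int, int, int, int]:
    """Turn '14.1-38.53' into (14, 1, 38, 53) so tuples compare numerically."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised NetScaler version string: {version!r}")
    major, minor, build, rev = (int(x) for x in m.groups())
    return (major, minor, build, rev)


def is_affected(version: str) -> bool:
    """True when the version is on a listed branch and below that branch's fix.

    Branches the advisory does not mention raise ValueError rather than being
    silently treated as safe; the page says nothing about them.
    """
    parsed = parse_version(version)
    branch = f"{parsed[0]}.{parsed[1]}"
    if branch not in FIXED_BUILDS:
        raise ValueError(f"branch {branch} is not covered by the advisory")
    return parsed < parse_version(FIXED_BUILDS[branch])


def triage(inventory: Dict[str, str]) -> Dict[str, str]:
    """Map host -> version to host -> 'patch', 'ok' or 'review' (unknown branch/format)."""
    result = {}
    for host, version in inventory.items():
        try:
            result[host] = "patch" if is_affected(version) else "ok"
        except ValueError:
            result[host] = "review"
    return result


if __name__ == "__main__":
    # Constructed sample inventory: hostnames and versions are made up.
    sample = {"console-a": "14.1-38.50", "agent-b": "13.1-56.18",
              "console-c": "13.1-9.60", "other-d": "13.0-0.0"}
    for host, status in triage(sample).items():
        print(f"{host}: {status}")
```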

Pierluigi Paganini

(SecurityAffairs – hacking, NetScaler Console)
