Cloud Software Group issued urgent patches on February 18, 2025, for a high-severity vulnerability (CVE-2024-12284) affecting its NetScaler Console (formerly NetScaler ADM) and NetScaler Agent. Rated 8.8 on the CVSS v4.0 scale, the flaw enables authenticated attackers to execute unauthorized commands, potentially compromising enterprise management systems.

The root cause is improper privilege management (CWE-269), which allows authenticated users, including malicious insiders or compromised accounts, to bypass authorization checks and execute commands with elevated permissions. While exploitation requires existing access to the NetScaler Console, a successful attack could grant administrative control over critical infrastructure, enabling data theft, service disruption, or lateral movement.

Cloud Software Group confirmed that Citrix-managed NetScaler Console Service deployments are unaffected, as updates are applied automatically. For self-managed NetScaler deployments the blast radius is reduced because of the NetScaler Agent's presence, but unpatched systems remain vulnerable to credential-based attacks. Administrators should enforce external authentication (e.g., LDAP, RADIUS) for NetScaler Console to strengthen access controls.

The vulnerability underscores persistent risks in privileged access frameworks, even though its exploitability remains limited to authenticated users. It follows heightened scrutiny of enterprise management tools after similar flaws in Cisco ASA (CVE-2024-20341) and OpenSSH (CVE-2024-6387).
This Cyber News was published on cybersecuritynews.com. Publication date: Thu, 20 Feb 2025 02:20:09 +0000