More than 1,950 Citrix NetScaler instances have been compromised with a backdoor in attacks leveraging the critical zero-day flaw, tracked as CVE-2023-3519, accounting for nearly 6.3% of all vulnerable appliances, while almost 2,500 web shells were observed across the infected appliances, SecurityWeek reports. Aside from infections remaining in over 1,800 NetScalers, almost 69% of instances that have been patched against the zero-day continued to have the backdoor, according to a report from NCC Group. "This indicates that while most administrators were aware of the vulnerability and have since patched their NetScalers to a non-vulnerable version, they have not been (properly) checked for signs of successful exploitation," said NCC Group.
Article Link: Attacks exploiting Citrix flaw compromise thousands of NetScaler instances | SC Media