A critical vulnerability affecting Citrix Netscaler is giving attackers complete access to the Netscaler appliance.
The vulnerability allows an attacker to place arbitrary code into Netscaler which grants them full access. This compromise then allows an attacker to run software to mine cryptocurrency, sniff network traffic, gain access to Citrix user passwords and compromise the security of the Netscaler platform.
All Citrix Netscaler versions from 10.5 to 13.0 are affected.
Mitigation steps involve running scripts on the Netscaler to disable access. If the Netscaler is already compromised, a rebuild, reissue of the SSL certificate and reset of Windows passwords will be required to secure your environment.
For more information, see the Citrix article at: https://support.citrix.com/article/CTX267027
If you need help resolving this vulnerability, please contact Innovative Computing Systems' Technical Assistance Center by emailing firstname.lastname@example.org or calling 1-800-541-0450.