Memory safety vulnerabilities (CVE-2024-8534, CVE-2024-8535) pose risks of Denial of Service attacks in NetScaler ADC and Gateway with specific configurations.

Greenwill Solution would like to inform you of a recently discovered vulnerability in NetScaler ADC and NetScaler Gateway that could lead to Denial of Service (DoS) attacks. These vulnerabilities, identified as CVE-2024-8534 and CVE-2024-8535, have a CVSS score of 8.4 and primarily affect systems configured with the following settings:

1. Gateway (VPN Vserver) with RDP Feature enabled.

2. Gateway (VPN Vserver) with an RDP Proxy Server profile.

3. Authentication Server (AAA Vserver) with RDP Feature enabled.

Additionally, systems using Kerberos SSO with a KCDAccount configuration are at risk of unauthorized user access.

Affected Versions and SolutionThe affected versions include:

• NetScaler ADC and NetScaler Gateway 14.1 (before 14.1-29.72)

• NetScaler ADC and NetScaler Gateway 13.1 (before 13.1-55.34)

• NetScaler ADC 13.1-FIPS (before 13.1-37.207)

• NetScaler ADC 12.1-FIPS (before 12.1-55.321)

• NetScaler ADC 12.1-NDcPP (before 12.1-55.321)

• 
  

To mitigate these risks, upgrade to the following versions immediately:

• NetScaler ADC and Gateway 14.1-29.72 or later.

• NetScaler ADC and Gateway 13.1-55.34 or later.

• NetScaler ADC 13.1-FIPS 13.1-37.207 or later.

• NetScaler ADC 12.1-FIPS 12.1-55.321 or later.

• NetScaler ADC 12.1-NDcPP 12.1-55.321 or later.

  
  

For more information and to download updates, visit Citrix Download Center.

Greenwill Solution’s Patch Management Service helps organizations ensure their systems are secure against vulnerabilities like these. Contact us today to schedule a consultation and protect your infrastructure.