CyberSecurity News

Critical Citrix NetScaler ADC and Gateway Flaws Let Attackers Remotely Execute Code

Marcus Rodriguez
March 23, 2026

Key Takeaways

  • Cloud Software Group has issued urgent patches for two critical vulnerabilities in NetScaler ADC and NetScaler Gateway.
  • The most severe flaw, CVE-2026-3055, is an unauthenticated remote code execution vulnerability with a CVSS v4.0 score of 9.3, affecting appliances configured as a SAML Identity Provider (IDP).
  • A second high-severity flaw, CVE-2026-4368, is a race condition leading to session mixup, affecting Gateway or AAA virtual server configurations.
  • Organizations with customer-managed deployments must apply vendor-provided updates immediately to mitigate risks.

Critical Flaws in NetScaler ADC and Gateway Demand Immediate Patching

Cloud Software Group has released urgent security updates for its NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway) products. The patches address two significant vulnerabilities, one of which allows unauthenticated remote attackers to execute arbitrary code on affected systems. The vendor is urging all organizations that manage their own deployments to apply the updates without delay.

CVE-2026-3055: Critical Out-of-Bounds Read via SAML IDP

The more severe of the two security defects, identified as CVE-2026-3055, has been assigned a critical CVSS v4.0 base score of 9.3. This vulnerability is categorized as an out-of-bounds read (CWE-125) resulting from inadequate input validation. Exploitation of this flaw requires no prior authentication, no user interaction, and no specialized preconditions other than the appliance being configured as a SAML Identity Provider (IDP).

Cloud Software Group stated that the vulnerability was found during internal security audits and that there was no evidence of active exploitation at the time of public disclosure. Even so, its critical severity and the absence of any authentication requirement make it a high-priority patch. Administrators can confirm potential exposure by searching their NetScaler configuration for lines matching the pattern add authentication samlIdPProfile .* (the appliance is exposed only if it is configured as a SAML IDP).

CVE-2026-4368: Race Condition Causing Session Mixup

The second vulnerability, CVE-2026-4368, carries a CVSS v4.0 score of 7.7, classifying it as high severity. It is a race condition (CWE-362) that can cause user sessions to be mixed up. It affects appliances configured as a Gateway (SSL VPN, ICA Proxy, CVPN, or RDP Proxy) or as an AAA virtual server. Exploitation requires low-privileged authentication and a specific timing condition (CVSS v4.0 Attack Requirements: Present, AT:P), but a successful attack could compromise the confidentiality and integrity of other users' sessions, a substantial risk in enterprise VPN environments.

Administrators can determine whether their systems are affected by checking NetScaler configurations for lines matching either add authentication vserver .* or add vpn vserver .*.

Affected Versions and Patch Guidance

The vulnerabilities impact several versions of NetScaler ADC and Gateway. Organizations must ensure they upgrade to the patched releases provided by Cloud Software Group.

CVE            Affected versions
CVE-2026-3055  NetScaler ADC/Gateway 14.1 before 14.1-66.59; 13.1 before 13.1-62.23; 13.1-FIPS/NDcPP before 13.1-37.262
CVE-2026-4368  NetScaler ADC/Gateway 14.1-66.54

Cloud Software Group advises upgrading to the following fixed versions:

  • NetScaler ADC and Gateway 14.1-66.59 or later
  • NetScaler ADC and Gateway 13.1-62.23 or later
  • NetScaler ADC 13.1-FIPS / NDcPP 13.1-37.262 or later

It is crucial to understand that this advisory specifically targets customer-managed deployments. Cloud Software Group has already applied the necessary updates to Citrix-managed cloud services and Adaptive Authentication instances. Given the widespread deployment of NetScaler ADC and Gateway as critical components in enterprise perimeters for VPN and application delivery, unpatched systems present a significant attack surface. Security teams should prioritize the deployment of these patches, especially for appliances configured as SAML IDPs, due to the critical nature of CVE-2026-3055. Further details can be found in the official advisory.

What You Should Do

  • Immediately Apply Patches: Upgrade all affected customer-managed NetScaler ADC and Gateway instances to the recommended fixed versions as soon as possible.
  • Verify SAML IDP Configuration: Check your NetScaler configurations for the string add authentication samlIdPProfile .* to identify exposure to CVE-2026-3055.
  • Verify Gateway/AAA Configuration: Inspect configurations for add authentication vserver .* or add vpn vserver .* to determine exposure to CVE-2026-4368.
  • Review Network Segmentation: Ensure that critical systems are segmented to limit the potential impact if an unpatched NetScaler device is compromised.
  • Monitor for Exploitation Attempts: Implement enhanced monitoring for suspicious activity originating from or targeting NetScaler appliances.
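The configuration checks and version table above can be combined into a single exposure triage, shown here as an added example that is not part of the article or of any Cloud Software Group tooling. It scans a constructed ns.conf-style dump for the three exposure patterns quoted in the advisory and compares a "show ns version" style string against the fixed builds listed above. The version-string format (NS14.1: Build 66.54.nc), the sample configuration lines, and the rule that any build below the fixed build on a listed release counts as affected are assumptions for illustration.

```python
import re
from typing import Dict, List, Optional, Tuple

# Constructed sample of a NetScaler running configuration (ns.conf style),
# not a dump from a real appliance.
SAMPLE_NS_CONF = """\
set ns config -IPAddress 10.0.0.10 -netmask 255.255.255.0
add authentication samlIdPProfile saml_idp_corp -samlIdPCertName idp_cert
add authentication vserver aaa_vs SSL 10.0.0.20 443
add vpn vserver gw_vs SSL 10.0.0.30 443 -icaOnly OFF
add lb vserver web_vs HTTP 10.0.0.40 80
"""

# Constructed "show ns version" output; the NSxx.y: Build a.b.nc layout is an assumption.
SAMPLE_VERSION = "NetScaler NS14.1: Build 66.54.nc, Date: Jan 1 2026, 00:00:00"

# Exposure patterns exactly as quoted in the advisory.
EXPOSURE_PATTERNS: Dict[str, List[str]] = {
    "CVE-2026-3055": [r"^add authentication samlIdPProfile .*"],
    "CVE-2026-4368": [r"^add authentication vserver .*", r"^add vpn vserver .*"],
}

# Fixed builds from the advisory, keyed by (release, is_fips_ndcpp_branch).
FIXED_BUILDS: Dict[Tuple[str, bool], Tuple[int, int]] = {
    ("14.1", False): (66, 59),
    ("13.1", False): (62, 23),
    ("13.1", True): (37, 262),
}

VERSION_RE = re.compile(r"NS(\d+\.\d+): Build (\d+)\.(\d+)")


def find_exposed_config(ns_conf: str) -> Dict[str, List[str]]:
    """Return, per CVE, the configuration lines that match the advisory's patterns."""
    hits: Dict[str, List[str]] = {cve: [] for cve in EXPOSURE_PATTERNS}
    for raw in ns_conf.splitlines():
        line = raw.strip()
        for cve, patterns in EXPOSURE_PATTERNS.items():
            if any(re.match(p, line) for p in patterns):
                hits[cve].append(line)
    return hits


def parse_version(show_version: str) -> Tuple[str, Tuple[int, int]]:
    """Extract (release, (build_major, build_minor)) from a version string."""
    m = VERSION_RE.search(show_version)
    if not m:
        raise ValueError("unrecognised version string: %r" % show_version)
    return m.group(1), (int(m.group(2)), int(m.group(3)))


def is_patched(show_version: str, fips: bool = False) -> Optional[bool]:
    """True if the build is at or above the fixed build for its release,
    False if below it, None if the release is not in the advisory table."""
    release, build = parse_version(show_version)
    fixed = FIXED_BUILDS.get((release, fips))
    if fixed is None:
        return None
    return build >= fixed


def assess(ns_conf: str, show_version: str, fips: bool = False) -> Dict[str, str]:
    """Combine exposure (config) and patch state (version) into a per-CVE verdict."""
    exposure = find_exposed_config(ns_conf)
    patched = is_patched(show_version, fips)
    verdicts: Dict[str, str] = {}
    for cve, lines in exposure.items():
        if not lines:
            verdicts[cve] = "not exposed (no matching configuration)"
        elif patched is None:
            verdicts[cve] = "exposed, release not covered by advisory table; verify manually"
        elif patched:
            verdicts[cve] = "exposed configuration, but build is at/above fixed version"
        else:
            verdicts[cve] = "EXPOSED AND UNPATCHED: upgrade immediately"
    return verdicts


if __name__ == "__main__":
    for cve, verdict in assess(SAMPLE_NS_CONF, SAMPLE_VERSION).items():
        print(cve, "->", verdict)
```

On a real appliance the two inputs would come from "show ns runningConfig" and "show ns version"; the script deliberately treats the FIPS/NDcPP branch as a separate key because its fixed build (13.1-37.262) is numerically lower than the non-FIPS 13.1 fix and would otherwise be misjudged.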
