Ptechhub
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs
No Result
View All Result
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs
No Result
View All Result
PtechHub
No Result
View All Result

Citrix Releases Security Fix for NetScaler Console Privilege Escalation Vulnerability

The Hacker News by The Hacker News
February 20, 2025
Home Cybersecurity
Share on FacebookShare on Twitter


Feb 20, 2025Ravie LakshmananVulnerability / IT Security

Citrix has released security updates for a high-severity security flaw impacting NetScaler Console (formerly NetScaler ADM) and NetScaler Agent that could lead to privilege escalation under certain conditions.

The vulnerability, tracked as CVE-2024-12284, has been given a CVSS v4 score of 8.8 out of a maximum of 10.0

It has been described as a case of improper privilege management that could result in authenticated privilege escalation if the NetScaler Console Agent is deployed and allows an attacker to execute post-compromise actions.

“The issue arises due to inadequate privilege management and could be exploited by an authenticated malicious actor to execute commands without additional authorization,” Netscaler noted.

“However, only authenticated users with existing access to the NetScaler Console can exploit this vulnerability, thereby limiting the threat surface to only authenticated users.”

Cybersecurity

The shortcoming affects the below versions –

  • NetScaler Console 14.1 before 14.1-38.53
  • NetScaler Console 13.1 before 13.1-56.18
  • NetScaler Agent 14.1 before 14.1-38.53
  • NetScaler Agent 13.1 before 13.1-56.18

It has been remediated in the below versions of the software –

  • NetScaler Console 14.1-38.53 and later releases
  • NetScaler Console 13.1-56.18 and later releases of 13.1
  • NetScaler Agent 14.1-38.53 and later releases
  • NetScaler Agent 13.1-56.18 and later releases of 13.1

“Cloud Software Group strongly urges customers of NetScaler Console and NetScaler Agent to install the relevant updated versions as soon as possible,” the company said, adding there are no workarounds to resolve the flaw.

That said, customers who are using Citrix-managed NetScaler Console Service do not need to take any action.

Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post.





Source link

Tags: computer securitycyber attackscyber newscyber security newscyber security news todaycyber security updatescyber updatesdata breachhacker newshacking newshow to hackinformation securitynetwork securityransomware malwaresoftware vulnerabilitythe hacker news
The Hacker News

The Hacker News

Next Post
Tuya Smart x DeepSeek: Multimodal AI Reshapes the Future of Pet Care

Tuya Smart x DeepSeek: Multimodal AI Reshapes the Future of Pet Care

Recommended.

Ocular Tele-Health Eye Exam Exposes Potential Deadly Brain Tumor, Emergency Surgery and Continued Patient Recovery.

Ocular Tele-Health Eye Exam Exposes Potential Deadly Brain Tumor, Emergency Surgery and Continued Patient Recovery.

October 1, 2025
ThunderCat Technology Named to CRN Solution Provider 500 List For 2026

ThunderCat Technology Named to CRN Solution Provider 500 List For 2026

June 8, 2026

Trending.

AWS Vs. Google Cloud Vs. Microsoft Azure Q1 Earnings Face-Off

AWS Vs. Google Cloud Vs. Microsoft Azure Q1 Earnings Face-Off

May 1, 2026
Cloud Market Share Q1 2026: AWS, Microsoft, Google Battling In AI Era

Cloud Market Share Q1 2026: AWS, Microsoft, Google Battling In AI Era

May 4, 2026
Google’s 0 Million Partner Fund Targets AI Agent Era Channel Paradigm Shift

Google’s $750 Million Partner Fund Targets AI Agent Era Channel Paradigm Shift

April 24, 2026
ACP CreativIT Rebrands As Tusker, Mounts National Sales Charge, Eyes New Acquisitions

ACP CreativIT Rebrands As Tusker, Mounts National Sales Charge, Eyes New Acquisitions

January 13, 2026
Veeam Debuts Data Resiliency Maturity Model To Assess, Improve Customers’ Cyber Resiliency

Veeam Debuts Data Resiliency Maturity Model To Assess, Improve Customers’ Cyber Resiliency

April 23, 2025

PTechHub

A tech news platform delivering fresh perspectives, critical insights, and in-depth reporting — beyond the buzz. We cover innovation, policy, and digital culture with clarity, independence, and a sharp editorial edge.

Follow Us

Industries

  • AI & ML
  • Cybersecurity
  • Enterprise IT
  • Finance
  • Telco

Navigation

  • About
  • Advertise
  • Privacy & Policy
  • Contact

Subscribe to Our Newsletter

  • About
  • Advertise
  • Privacy & Policy
  • Contact

Copyright © 2025 | Powered By Porpholio

No Result
View All Result
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs

Copyright © 2025 | Powered By Porpholio