CVE-2023-4966

CVE-2023-4966 is a critical-severity vulnerability in Citrix Netscaler Application Delivery Controller with a CVSS 3.x base score of 9.4. It is listed in CISA's Known Exploited Vulnerabilities (KEV) catalog, confirming it has been exploited in the wild (added 2023-10-18). The underlying weakness is classified as CWE-119.

Key facts

Description

Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA  virtual server.

CVE-2023-4966: Citrix Bleed — NetScaler ADC / Gateway Sensitive Information Disclosure

AI-generated analysis based on the vulnerability data on this page.

Field Value
CVE ID CVE-2023-4966
CVSS v3.1 9.4 (Critical) — AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
EPSS 0.99999 (99.993rd percentile)
CISA KEV Added 2023-10-18
EU Exploited Confirmed since 2023-10-18 (EUVD-2023-54802)
CWE CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer
Published 2023-10-10
Last Modified 2026-06-17
Vendor Citrix (NetScaler)
Ransomware Association Confirmed

Summary

CVE-2023-4966, widely known as Citrix Bleed, is a critical vulnerability in Citrix NetScaler ADC and NetScaler Gateway products. When configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server, the appliance exposes a buffer over-read condition that allows unauthenticated remote attackers to extract sensitive session tokens and other memory-resident data. The flaw has been actively exploited in the wild since at least October 2023 and is listed on both the CISA Known Exploited Vulnerabilities catalog and the EU Vulnerability Database.

Background

Citrix NetScaler ADC (Application Delivery Controller) and NetScaler Gateway are widely deployed at the edge of enterprise networks to provide remote access, load balancing, and application delivery. In Gateway mode, these appliances terminate VPN sessions, broker ICA/HDX connections, and enforce authentication via AAA virtual servers. Because they sit on the perimeter and handle high-value session credentials, any information-disclosure flaw in their processing path is especially dangerous. CVE-2023-4966 was disclosed by Citrix on 10 October 2023 and was rapidly added to CISA's KEV catalog eight days later after in-the-wild exploitation was confirmed.

Root Cause

The vulnerability is classified under CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer. In this case, a buffer over-read occurs during request processing on the Gateway or AAA virtual server. The underlying code fails to properly bound a memory read operation, allowing an attacker-controlled request to read beyond the allocated buffer into adjacent memory regions. Those adjacent regions can contain valid session tokens, authentication cookies, or other sensitive runtime data. Because the read happens in the context of the appliance's own memory space, no authentication or prior session is required to reach the vulnerable code path.

Impact

The CVSS v3.1 vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L yields a base score of 9.4 (Critical) and maps to the following impacts:

  • Confidentiality (High) — Attackers can read sensitive information, most critically valid session tokens, enabling session hijacking without credentials.
  • Integrity (High) — With stolen session tokens, an attacker can impersonate legitimate users and perform actions within their authenticated sessions.
  • Availability (Low) — The vulnerability itself is a read primitive, but downstream exploitation (e.g., mass session invalidation or follow-on attacks) can degrade service availability.

The EPSS score of 0.99999 with a 99.993rd percentile ranking indicates near-certain probability of active exploitation in the wild. CISA KEV confirmation and EU exploitation tracking (EUVD-2023-54802) both corroborate this. Ransomware operators have been observed leveraging this flaw for initial access.

Exploitation Walkthrough

Ethics & Scope Disclaimer — The description below is intentionally generic and framed from a defensive perspective. No weaponized exploit code is provided, and the aim is to help defenders understand the attack surface rather than enable malicious use.

  1. Reconnaissance — The attacker identifies a publicly reachable NetScaler Gateway or AAA virtual server (common on TCP/443).
  2. Request Crafting — A malformed HTTP request is sent to the Gateway endpoint. The malformed field triggers the buffer over-read in the request-handling path.
  3. Memory Leakage — The appliance responds with data that includes memory contents from beyond the intended buffer. In confirmed exploitation, this response has contained valid session cookies or tokens.
  4. Session Hijacking — The attacker extracts the leaked token and replays it in an authenticated request, effectively assuming the victim's session without ever possessing credentials.

Because the attack complexity is low, no privileges are required, and no user interaction is needed, this vulnerability is trivially exploitable at scale by automated scanners.

Affected and Patched Versions

The following product lines are affected according to CPE data in the NVD record:

  • Citrix NetScaler Application Delivery Controller (ADC) — all editions including FIPS and NDCPP variants
  • Citrix NetScaler Gateway

Specific version ranges are not present in the source data used for this advisory. Organizations should consult the vendor's official security bulletin (CTX579459) to determine exactly which firmware builds are vulnerable and which builds contain the fix.

Remediation

Primary Mitigation

  • Upgrade to a patched firmware version as specified in Citrix support article CTX579459. This is the only complete remediation.

Compensating Controls

  • If immediate patching is not possible, disable or restrict access to Gateway and AAA virtual server functionality until the patch can be applied.
  • Place the management interface and Gateway virtual IPs behind a restrictive allow-list (WAF or network ACL) to reduce exposure, though this does not eliminate risk entirely.
  • Enforce multi-factor authentication (MFA) for all remote-access sessions. While MFA does not prevent token theft, it raises the bar for follow-on lateral movement if a session is hijacked.
  • Monitor for and revoke active sessions after patching, because stolen tokens may remain valid until expiration or forced logout.

Detection

  • Network Telemetry — Look for anomalous HTTP requests to Gateway endpoints that receive unusually large or malformed responses, or requests that deviate from normal client User-Agent patterns.
  • Session Anomaly — Correlate session-origin IP changes (same session cookie, new source IP or geolocation) in authentication logs.
  • IPS/WAF Signatures — Ensure that edge intrusion-prevention and web-application-firewall rulesets include detections for known Citrix Bleed scanning and exploitation patterns.
  • Hunting — Search appliance logs and any downstream proxy logs for unexpected 200 OK responses to non-standard request payloads on Gateway paths.

Assessment

CVE-2023-4966 is a textbook example of why buffer-management bugs in edge-facing appliances remain so dangerous: a single unauthenticated over-read can collapse the security boundary of an entire remote-access infrastructure. The near-perfect EPSS score, dual KEV/EU-VD confirmations, and confirmed ransomware use all signal that this vulnerability should be treated as an active, high-priority threat rather than a theoretical risk.

Key lessons:

  1. Edge appliances are high-value targets — A flaw in a VPN gateway compromises every session it protects. Patching cycles for perimeter infrastructure must be aggressive.
  2. Session-token hygiene matters — Even after patching, stolen tokens can persist. Incident-response playbooks should include mass session revocation and token-rotation steps as standard post-exploitation cleanup.

References

Frequently asked questions

What is CVE-2023-4966?
Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA  virtual server.
How severe is CVE-2023-4966?
CVE-2023-4966 has a CVSS 3.x base score of 9.4, rated critical severity. It is exploitable over network with low attack complexity, requires no privileges and no user interaction. Impact on confidentiality is high, integrity high, and availability low.
Is CVE-2023-4966 being actively exploited?
Yes. CVE-2023-4966 is on CISA's Known Exploited Vulnerabilities (KEV) catalog, added on 2023-10-18, which means active exploitation has been confirmed. It should be prioritised for remediation.
What products are affected by CVE-2023-4966?
CVE-2023-4966 primarily affects Citrix Netscaler Application Delivery Controller. In total, 4 product configurations (CPEs) are listed as vulnerable; see the affected-products list for the exact versions.
How do I fix CVE-2023-4966?
Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround. Because this CVE is known to be actively exploited, treat remediation as urgent — CISA KEV typically sets a short remediation deadline.
Does CVE-2023-4966 have an EU (EUVD) identifier?
Yes. CVE-2023-4966 is tracked in the ENISA EU Vulnerability Database (EUVD) as EUVD-2023-54802. It is also flagged as exploited in the EUVD (since 2023-10-18).
When was CVE-2023-4966 published?
CVE-2023-4966 was published on 2023-10-10 and last updated on 2026-06-17.

References

Affected products (4)

More vulnerabilities in Citrix Netscaler Application Delivery Controller

All CVEs affecting Citrix Netscaler Application Delivery Controller →

Other CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) vulnerabilities

Browse all CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) vulnerabilities →