Citrix NetScaler Critical Vulnerability - 20260324001¶
Overview¶
Citrix has published a security advisory for vulnerabilities affecting its NetScaler ADC and NetScaler Gateway products. These vulnerabilities allow unauthenticated remote attackers to potentially leak sensitive information from the appliance's memory.
What is vulnerable?¶
| Product(s) Affected | Version(s) | CVE | CVSS | Severity |
|---|---|---|---|---|
| NetScaler ADC and NetScaler Gateway | 14.1 prior to 14.1-66.59 13.1 prior to 13.1-62.23 |
CVE-2026-3055 | 9.3 | Critical |
| NetScaler ADC FIPS and NDcPP | Prior to 13.1-37.262 | CVE-2026-3055 | 9.3 | Critical |
| NetScaler ADC and NetScaler Gateway | 14.1 - 66.54 | CVE-2026-4368 | 7.7 | High |
What has been observed?¶
The WASOC has not received any reports of exploitation of this vulnerability on Western Australian Government networks at the time of writing.
Recommendation¶
The WASOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframes (refer Patch Management):