{"id":229545,"date":"2026-03-31T05:46:00","date_gmt":"2026-03-31T09:46:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/03\/31\/u-s-cisa-adds-a-flaw-in-citrix-netscaler-to-its-known-exploited-vulnerabilities-catalog\/"},"modified":"2026-03-31T06:50:14","modified_gmt":"2026-03-31T10:50:14","slug":"u-s-cisa-adds-a-flaw-in-citrix-netscaler-to-its-known-exploited-vulnerabilities-catalog","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/03\/31\/u-s-cisa-adds-a-flaw-in-citrix-netscaler-to-its-known-exploited-vulnerabilities-catalog\/","title":{"rendered":"U.S. CISA adds a flaw in Citrix NetScaler to its Known Exploited Vulnerabilities catalog"},"content":{"rendered":"

U.S. CISA adds a flaw in Citrix NetScaler to its Known Exploited Vulnerabilities catalog<\/a><\/p>\n

https:\/\/securityaffairs.com\/190197\/security\/u-s-cisa-adds-a-flaw-in-citrix-netscaler-to-its-known-exploited-vulnerabilities-catalog.html<\/a><\/p>\n

Publish Date: 2026-03-31 05:46:00<\/a><\/p>\n

Source Domain: securityaffairs.com<\/a><\/p>\n

U.S. CISA adds a flaw in Citrix NetScaler to its Known Exploited Vulnerabilities catalog<\/h2>\n<\/p>\n

\t\t\t\t\t\t\t Pierluigi Paganini<\/span>
\n\t\t\t\t\t\t\t\"\"\/ March 31, 2026<\/span><\/p>\n

\t\t\t\t\t\t\"\"\/<\/p>\n

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Citrix NetScaler to its Known Exploited Vulnerabilities catalog.<\/h2>\n

The U.S. Cybersecurity and Infrastructure Security Agency (CISA)\u00a0added\u00a0a flaw in Citrix NetScaler, tracked as CVE-2026-3055 (CVSS ver. 4.0 score of 9.3), to its\u00a0Known Exploited Vulnerabilities (KEV) catalog.<\/p>\n

In March, Citrix issued\u00a0security updates\u00a0for two NetScaler vulnerabilities, including the critical vulnerability, tracked as CVE-2026-3055 (CVSS score of 9.3), that allows unauthenticated attackers to leak sensitive data.<\/p>\n

The flaw CVE-2026-3055 is an insufficient input validation that leads to a memory overread. It can be triggered only if Citrix ADC or Citrix Gateway are configured as a SAML IDP.<\/p>\n

Customers can check if their NetScaler appliance is set up as a SAML IDP by looking for the configuration string:<\/p>\n

add authentication samlIdPProfile .*<\/p>\n

\u201cThis vulnerability,\u00a0CVE-2026-3055, which is classified as an out-of-bounds read and holds a CVSS score of\u00a09.3, allows unauthenticated remote attackers to leak potentially sensitive information from the appliance\u2019s memory.\u201d reads the\u00a0advisory\u00a0published by Rapid7 researchers. \u201cThe Citrix advisory states that\u00a0systems configured as a SAML Identity Provider (SAML IDP) are vulnerable, whereas default configurations are unaffected. This SAML IDP configuration is likely a very common configuration for organizations utilizing single sign-on.\u201d<\/p>\n

At this time, CVE-2026-3055 has no known in-the-wild exploits or public proof-of-concept. Citrix discovered it internally, but once exploit code is released, attacks are likely. Customers should patch immediately, as similar memory-leak flaws like \u201cCitrixBleed\u201d (CVE-2023-4966) were widely exploited in 2023.<\/p>\n

The…<\/p>\n

Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

U.S. CISA adds a flaw in Citrix NetScaler to its Known Exploited Vulnerabilities catalog https:\/\/securityaffairs.com\/190197\/security\/u-s-cisa-adds-a-flaw-in-citrix-netscaler-to-its-known-exploited-vulnerabilities-catalog.html…<\/p>\n","protected":false},"author":1,"featured_media":229546,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/securityaffairs.com\/wp-content\/uploads\/2020\/07\/CISA.jpeg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[24,31,27],"class_list":["post-229545","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cybersecurity","tag-exploit","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/229545"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=229545"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/229545\/revisions"}],"predecessor-version":[{"id":229547,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/229545\/revisions\/229547"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/229546"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=229545"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=229545"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=229545"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}