Citrix Patches Two Zero-Day Vulnerabilities Exploited in...

Citrix Patches Two Zero-Day Vulnerabilities Exploited in the Wild (CVE-2023-6548, CVE-2023-6549)

On January 16, Citrix published an advisory for two new zero-day vulnerabilities in its NetScaler Application Delivery Controller (ADC) and Gateway appliances:

CVE-2023-6548
CVE-2023-6549

According to Citrix, these flaws have reportedly been exploited in the wild, though no specific information about in-the-wild exploitation has been shared.

For more information about these vulnerabilities, including the availability of patches and Tenable product coverage, please visit our blog.

Cyber Exposure Alerts

Vulnerability Watch

Forum Discussion

Citrix Patches Two Zero-Day Vulnerabilities Exploited in...

Recent Discussions

FAQ on Exploited Zero-Day Flaws in Cisco ASA and FTD Devices (CVE-2025-20333, CVE-2025-20362)

Microsoft’s September 2025 Patch Tuesday Addresses 80 CVEs (CVE-2025-55234)

Frequently Asked Questions About Chinese State-Sponsored Actors Compromising Global Networks

CVE-2025-7775: Citrix NetScaler ADC and Gateway Zero-Day RCE Vulnerability Exploited in the Wild

CVE-2025-25256: Proof of Concept Released for Fortinet FortiSIEM Command Injection Vulnerability

Americas

Europe

Asia / Australia