Cloud Software Group: Critical NetScaler ADC and Gateway Vulnerabilities Enable Remote Attacks on Affected Systems

Critical NetScaler ADC and Gateway Vulnerabilities Patched by Cloud Software Group

Cloud Software Group has released emergency security updates for NetScaler ADC and NetScaler Gateway that address two vulnerabilities: a critical flaw that an unauthenticated remote attacker can trigger, and a high-severity flaw that requires an authenticated (low-privilege) user.

The more severe flaw, CVE-2026-3055 (CVSS 9.3), is an out-of-bounds read in the SAML Identity Provider (IdP) code path; an appliance is in scope only when it is configured as a SAML IdP. It is exploitable without authentication or user interaction: an attacker can make the appliance read past the end of a buffer, which for an out-of-bounds read means disclosing adjacent memory or crashing the process, and the advisory treats it as potentially leading to system compromise. The issue was discovered internally, and there was no evidence of active exploitation at the time of disclosure. Administrators can determine exposure by checking whether a SAML IdP profile is present in the NetScaler configuration.

The second vulnerability, CVE-2026-4368 (CVSS 7.7), is a race condition that can cause session mix-ups on appliances configured as a Gateway (SSL VPN, ICA Proxy, CVPN or RDP Proxy) or as an AAA virtual server: under the right timing, one user's request can be handled in the context of another user's session. Exploitation requires a low-privilege authenticated account and precise timing, but a successful attack fully compromises the confidentiality and integrity of the affected sessions.

Affected Versions & Patches:

  • CVE-2026-3055: NetScaler ADC/Gateway 14.1 before 14.1-66.59, 13.1 before 13.1-62.23, and 13.1-FIPS/13.1-NDcPP before 13.1-37.262.
  • CVE-2026-4368: NetScaler ADC/Gateway 14.1-66.54 (the only build listed as affected).

Fixed releases are 14.1-66.59 and later, 13.1-62.23 and later, and 13.1-FIPS/13.1-NDcPP 13.1-37.262 and later. Only customer-managed deployments need to act; Citrix-managed cloud services and Adaptive Authentication instances have already been updated by the vendor.
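As an added example (not Cloud Software Group's own tooling and not code from the original advisory), the following POSIX shell script applies the two checks above: it compares a NetScaler build string against the first fixed build for its branch, keeping the 13.1-FIPS/NDcPP branch (13.1-37.x) separate from mainline 13.1 so a patched FIPS appliance is not misreported, and it greps a saved configuration for the features that put an appliance in scope. It assumes the fixed builds listed here, that `nsversion` prints a first line of the form `NetScaler NS14.1: Build 66.54.nc, Date: ...`, and that ns.conf records the relevant features under `add authentication samlIdPProfile`, `add vpn vserver` and `add authentication vserver`; the sample ns.conf lines are constructed.

```shell
#!/bin/sh
# Added triage helper; not Cloud Software Group's tooling. It takes a NetScaler
# build string, decides whether it is below the first fixed build for its
# branch (numbers from the advisory summary above), and greps an ns.conf for
# the features that put an appliance in scope. Sample data below is constructed.

FIXED_14_1="14.1-66.59"
FIXED_13_1="13.1-62.23"
FIXED_13_1_FIPS="13.1-37.262"      # 13.1-FIPS/NDcPP builds carry 13.1-37.x numbers
CVE_4368_BUILD="14.1-66.54"        # the only build listed for CVE-2026-4368

# parse_nsversion LINE: turns the first line of `nsversion` output, assumed to
# look like "NetScaler NS14.1: Build 66.54.nc, Date: ...", into "14.1-66.54".
parse_nsversion() {
  printf '%s\n' "$1" | sed -n 's/^NetScaler NS\([0-9][0-9.]*\): Build \([0-9][0-9]*\.[0-9][0-9]*\).*/\1-\2/p'
}

# build_lt A B: succeeds when build A sorts before build B. Builds are
# major.minor-build.sub; each field is compared as an integer, so a ".9"
# build sorts before a ".54" build (a plain string compare would get it wrong).
build_lt() {
  set -- $(printf '%s %s' "$1" "$2" | sed 's/[.-]/ /g')   # $1-$4 = A, $5-$8 = B
  [ "$1" -lt "$5" ] && return 0
  [ "$1" -gt "$5" ] && return 1
  [ "$2" -lt "$6" ] && return 0
  [ "$2" -gt "$6" ] && return 1
  [ "$3" -lt "$7" ] && return 0
  [ "$3" -gt "$7" ] && return 1
  [ "$4" -lt "$8" ] && return 0
  return 1
}

# assess_build VERSION: prints "fixed", "vulnerable (...)" or "unknown-branch".
# The FIPS/NDcPP branch is matched before mainline 13.1 so a patched FIPS box
# (13.1-37.262) is not compared against 13.1-62.23 and wrongly flagged.
assess_build() {
  case "$1" in
    14.1-*)    fixed="$FIXED_14_1" ;;
    13.1-37.*) fixed="$FIXED_13_1_FIPS" ;;
    13.1-*)    fixed="$FIXED_13_1" ;;
    *)         echo "unknown-branch"; return 0 ;;
  esac
  if build_lt "$1" "$fixed"; then
    if [ "$1" = "$CVE_4368_BUILD" ]; then
      echo "vulnerable (CVE-2026-3055, CVE-2026-4368)"
    else
      echo "vulnerable (CVE-2026-3055)"
    fi
  else
    echo "fixed"
  fi
}

# config_exposure < ns.conf: prints which in-scope features the saved config
# enables. "add authentication samlIdPProfile" is the SAML IdP indicator
# (the precondition for CVE-2026-3055); vpn vservers and authentication
# vservers are the Gateway / AAA deployments named for CVE-2026-4368.
config_exposure() {
  conf=$(cat)
  flags=""
  printf '%s\n' "$conf" | grep -q '^add authentication samlIdPProfile ' && flags="$flags saml-idp"
  printf '%s\n' "$conf" | grep -q '^add vpn vserver ' && flags="$flags gateway"
  printf '%s\n' "$conf" | grep -q '^add authentication vserver ' && flags="$flags aaa"
  if [ -n "$flags" ]; then echo "${flags# }"; else echo "none"; fi
}

# Constructed ns.conf excerpt, not taken from a real appliance.
sample_ns_conf() {
  cat <<'EOF'
set ns config -IPAddress 192.0.2.10 -netmask 255.255.255.0
add authentication samlIdPProfile idp_prof -samlIdPCertName idp_cert -samlSPCertName sp_cert
add authentication samlIdPPolicy idp_pol -rule true -action idp_prof
add vpn vserver gw_vs SSL 192.0.2.20 443
add authentication vserver aaa_vs SSL 192.0.2.21 443
EOF
}

demo() {
  for v in 14.1-66.54 14.1-66.59 13.1-62.22 13.1-37.262 13.1-37.200; do
    printf '%-12s %s\n' "$v" "$(assess_build "$v")"
  done
  v=$(parse_nsversion "NetScaler NS14.1: Build 66.54.nc, Date: Mar 1 2026")
  printf 'parsed %-12s %s\n' "$v" "$(assess_build "$v")"
  printf 'config exposure: %s\n' "$(sample_ns_conf | config_exposure)"
}
demo
```

On a real appliance the same functions would be fed live data, e.g. `assess_build "$(parse_nsversion "$(nsversion | head -1)")"` and `config_exposure < /nsconfig/ns.conf`; if the `nsversion` line format differs from the assumed one, adjust the `sed` pattern in `parse_nsversion` and pass the build string to `assess_build` directly.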

Given NetScaler's widespread role as an enterprise VPN and application-delivery front end, which typically leaves these appliances exposed to the Internet, unpatched systems pose a significant risk. Security teams should prioritize the update, starting with appliances configured as SAML IdPs (CVE-2026-3055 needs no authentication) and Gateway or AAA deployments running 14.1-66.54.

Source: https://cybersecuritynews.com/netscaler-adc-and-gateway-vulnerabilities/

Cloud Software Group cybersecurity rating report: https://www.rankiteo.com/company/cloudsoftwaregroup

{
  "id": "CLO1774312166",
  "linkid": "cloudsoftwaregroup",
  "type": "Vulnerability",
  "date": "3/2026",
  "severity": "100",
  "impact": "5",
  "explanation": "Attack threatening the organization's existence"
}

{
  "affected_entities": [
    {
      "customers_affected": "Enterprises using NetScaler ADC/Gateway (customer-managed deployments)",
      "industry": "Technology/Enterprise Software",
      "name": "Cloud Software Group (NetScaler ADC/Gateway customers)",
      "type": "Organization"
    }
  ],
  "attack_vector": "Remote",
  "customer_advisories": "Security teams advised to apply patches immediately, particularly for SAML IDP-configured appliances",
  "description": "Cloud Software Group has released emergency security updates for NetScaler ADC and NetScaler Gateway, addressing two vulnerabilities (CVE-2026-3055, exploitable without authentication, and CVE-2026-4368, requiring a low-privilege authenticated user) that could enable remote attacks on affected systems.",
  "impact": {
    "operational_impact": "Potential system compromise, session confidentiality and integrity risks",
    "systems_affected": "NetScaler ADC and NetScaler Gateway appliances"
  },
  "investigation_status": "Vulnerabilities patched; no evidence of active exploitation at time of disclosure",
  "post_incident_analysis": {
    "corrective_actions": "Release of security patches for affected versions",
    "root_causes": [
      "Out-of-bounds read vulnerability in SAML IDP configurations (CVE-2026-3055)",
      "Race condition causing session mix-ups (CVE-2026-4368)"
    ]
  },
  "recommendations": "Prioritize updates for SAML IDP-configured appliances and appliances configured as Gateways or AAA virtual servers. Verify SAML IDP configurations in NetScaler settings.",
  "references": [
    { "source": "Cloud Software Group Security Advisory" }
  ],
  "response": {
    "communication_strategy": "Public disclosure of vulnerabilities and patch availability",
    "containment_measures": "Security patches released for affected versions",
    "remediation_measures": "Apply fixed releases: 14.1-66.59 or later, 13.1-62.23 or later, 13.1-FIPS/NDcPP 13.1-37.262 or later"
  },
  "title": "Critical NetScaler ADC and Gateway Vulnerabilities Patched by Cloud Software Group",
  "type": "Vulnerability Disclosure",
  "vulnerability_exploited": ["CVE-2026-3055", "CVE-2026-4368"]
}