Citrix has released security updates to address a high-severity privilege escalation vulnerability (CVE-2024-12284) in NetScaler Console and NetScaler Agent. The flaw, with a CVSS v4 score of 8.8, arises from improper privilege management, allowing authenticated attackers to execute commands without additional authorization. The affected versions include NetScaler Console and Agent versions prior to 14.1-38.53 and 13.1-56.18. Users are strongly advised to update to the latest patched versions, as no workarounds are available. Customers using Citrix-managed NetScaler Console Service are unaffected.

‍