The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and Citrix are urging users and administrators to apply updates for the flaw.
Flaws in Citrix NetScaler and ADC Gateway have historically been targeted by threat actors, though researchers don't believe the impact of these two bugs to match that of CitrixBleed.
Citrix is urging impacted customers to update, but also recommends that they remove any active or persistent sessions and look for patterns of suspicious session use.
The flaw was disclosed last week, but researchers said that exploitation started in late August.
Attackers are continuing to adjust their tactics in their attacks against Citrix devices vulnerable to the CVE-2023-3519 flaw.