Security News > 2020 > January > Citrix Releases First Patches for Critical ADC Vulnerability
Citrix has started rolling out security patches for the recently revealed Citrix Application Delivery Controller and Citrix Gateway vulnerability.
The issue impacts versions 13.0, 12.1, 12.0, 11.1, and 10.5 of both Citrix ADC and Gateway.
On Sunday, Citrix announced that it has released "Permanent fixes for ADC versions 11.1 and 12.0.".
"These fixes also apply to Citrix ADC and Citrix Gateway Virtual Appliances hosted on any of ESX, Hyper-V, KVM, XenServer, Azure, AWS, GCP or on a Citrix ADC Service Delivery Appliance. SVM on SDX does not need to be updated," Citrix Chief Information Security Officer Fermin J. Serna reveals.
Serna notes that Citrix is now targeting January 24 for the release of security fixes for ADC and Gateway versions 12.1, 13, and 10.5, as well as for Citrix SD-WAN WANOP versions 10.2.6 and 11.0.3.
News URL
Related news
- Citrix Releases Security Fix for NetScaler Console Privilege Escalation Vulnerability (source)
- Elastic Releases Urgent Fix for Critical Kibana Vulnerability Enabling Remote Code Execution (source)
- Moxa Issues Fix for Critical Authentication Bypass Vulnerability in PT Switches (source)
- Critical PHP RCE vulnerability mass exploited in new attacks (source)
- New Critical AMI BMC Vulnerability Enables Remote Server Takeover and Bricking (source)
- IBM scores perfect 10 ... vulnerability in mission-critical OS AIX (source)
- Critical Veeam Backup & Replication RCE vulnerability fixed, patch ASAP! (CVE-2025-23120) (source)
- Infoseccers criticize Veeam over critical RCE vulnerability and a failing blacklist (source)
- Critical Next.js Vulnerability Allows Attackers to Bypass Middleware Authorization Checks (source)
- Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927) (source)