Security News > 2020 > January > Citrix Releases First Patches for Critical ADC Vulnerability
Citrix has started rolling out security patches for the recently revealed Citrix Application Delivery Controller and Citrix Gateway vulnerability.
The issue impacts versions 13.0, 12.1, 12.0, 11.1, and 10.5 of both Citrix ADC and Gateway.
On Sunday, Citrix announced that it has released "Permanent fixes for ADC versions 11.1 and 12.0.".
"These fixes also apply to Citrix ADC and Citrix Gateway Virtual Appliances hosted on any of ESX, Hyper-V, KVM, XenServer, Azure, AWS, GCP or on a Citrix ADC Service Delivery Appliance. SVM on SDX does not need to be updated," Citrix Chief Information Security Officer Fermin J. Serna reveals.
Serna notes that Citrix is now targeting January 24 for the release of security fixes for ADC and Gateway versions 12.1, 13, and 10.5, as well as for Citrix SD-WAN WANOP versions 10.2.6 and 11.0.3.
News URL
Related news
- Gladinet’s Triofox and CentreStack Under Active Exploitation via Critical RCE Vulnerability (source)
- Critical Apache Roller Vulnerability (CVSS 10.0) Enables Unauthorized Session Persistence (source)
- Critical Erlang/OTP SSH Vulnerability (CVSS 10.0) Allows Unauthenticated Code Execution (source)
- Critical Commvault RCE vulnerability fixed, PoC available (CVE-2025-34028) (source)
- Critical Windows Server 2025 dMSA Vulnerability Enables Active Directory Compromise (source)
- Over 100,000 WordPress Sites at Risk from Critical CVSS 10.0 Vulnerability in Wishlist Plugin (source)