Security News > 2022 > June > Citrix warns critical bug can let attackers reset admin passwords
Citrix warned customers to deploy security updates that address a critical Citrix Application Delivery Management vulnerability that can let attackers reset admin passwords.
Citrix ADM is a web-based solution that provides admins with a centralized cloud-based console for managing on-premises or cloud Citrix deployments, including Citrix Application Delivery Controller, Citrix Gateway, and Citrix Secure Web Gateway.
It affects all supported versions of Citrix ADM server and Citrix ADM agent.
While the flaw has already been addressed for customers using the cloud-based Citrix ADM service, the company urged admins running vulnerable versions on-premises to patch their installations ASAP. "Citrix recommends that affected customers install the relevant updated versions of Citrix ADM server and Citrix ADM agent as soon as possible," the company warned on Tuesday.
"Customers must upgrade both Citrix ADM server and all associated Citrix ADM agents."
Citrix provides detailed instructions on upgrading ADM servers and all associated Citrix ADM agents on its documentation website.