Security News > 2022 > December > Citrix fixes critical ADC and Gateway zero-day exploited in attacks
Citrix is strongly urging admins to apply security updates for an actively exploited 'Critical' zero-day vulnerability in Citrix ADC and Gateway that allows a remote attacker to take control of a device.
Citrix is warning admins to install the latest update "As soon as possible" as the vulnerability is actively exploited in attacks.
Citrix ADC and Citrix Gateway version 13.1 are not affected by CVE-2022-27518, so upgrading to it solves the security problem.
Citrix ADC FIPS and Citrix ADC NDcPP should upgrade to versions 12.1-55.291 or later.
In 2019, a remote code execution flaw tracked as CVE-2019-19781 was discovered in Citrix ADC and Citrix Gateway and quickly became targeted by ransomware operations, state-supported APTs, opportunistic attackers that used mitigation bypasses, and more.
Exploitation became so widely abused that the Dutch government advised companies to turn off their Citrix ADC and Citrix Gateway devices until admins could apply security updates.
News URL
Related news
- Fortinet warns of new critical FortiManager flaw used in zero-day attacks (source)
- Critical SonicWall SSLVPN bug exploited in ransomware attacks (source)
- Windows vulnerability abused braille “spaces” in zero-day attacks (source)
- SolarWinds Issues Patch for Critical ARM Vulnerability Enabling RCE Attacks (source)
- Ivanti warns of another critical CSA flaw exploited in attacks (source)
- Critical Ivanti vTM auth bypass bug now exploited in attacks (source)
- Critical Flaws in Tank Gauge Systems Expose Gas Stations to Remote Attacks (source)
- Rackspace monitoring data stolen in ScienceLogic zero-day attack (source)
- Researchers Warn of Ongoing Attacks Exploiting Critical Zimbra Postjournal Flaw (source)
- Critical Ivanti RCE flaw with public exploit now used in attacks (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-12-13 | CVE-2022-27518 | Unspecified vulnerability in Citrix products Unauthenticated remote arbitrary code execution | 9.8 |
2019-12-27 | CVE-2019-19781 | Path Traversal vulnerability in Citrix products An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. | 9.8 |