Security News > 2022 > December > Citrix fixes critical ADC and Gateway zero-day exploited in attacks
Citrix is strongly urging admins to apply security updates for an actively exploited 'Critical' zero-day vulnerability in Citrix ADC and Gateway that allows a remote attacker to take control of a device.
Citrix is warning admins to install the latest update "As soon as possible" as the vulnerability is actively exploited in attacks.
Citrix ADC and Citrix Gateway version 13.1 are not affected by CVE-2022-27518, so upgrading to it solves the security problem.
Citrix ADC FIPS and Citrix ADC NDcPP should upgrade to versions 12.1-55.291 or later.
In 2019, a remote code execution flaw tracked as CVE-2019-19781 was discovered in Citrix ADC and Citrix Gateway and quickly became targeted by ransomware operations, state-supported APTs, opportunistic attackers that used mitigation bypasses, and more.
Exploitation became so widely abused that the Dutch government advised companies to turn off their Citrix ADC and Citrix Gateway devices until admins could apply security updates.
News URL
Related news
- Zero-Day Alert: Critical Palo Alto Networks PAN-OS Flaw Under Active Attack (source)
- Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks (source)
- Apple fixes two new iOS zero-days exploited in attacks on iPhones (source)
- Urgent: Apple Issues Critical Updates for Actively Exploited Zero-Day Flaws (source)
- FBI: Critical infrastructure suffers spike in ransomware attacks (source)
- DarkGate Malware Exploited Recently Patched Microsoft Flaw in Zero-Day Attack (source)
- Public anxiety mounts over critical infrastructure resilience to cyber attacks (source)
- US sanctions APT31 hackers behind critical infrastructure attacks (source)
- Cyber attacks on critical infrastructure show advanced tactics and new capabilities (source)
- Ivanti fixes VPN gateway vulnerability allowing RCE, DoS attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-13 | CVE-2022-27518 | Unspecified vulnerability in Citrix products Unauthenticated remote arbitrary code execution | 9.8 |
| 2019-12-27 | CVE-2019-19781 | Path Traversal vulnerability in Citrix products An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. | 9.8 |