Security News > 2022 > December > Hackers Actively Exploiting Citrix ADC and Gateway Zero-Day Vulnerability
The U.S. National Security Agency on Tuesday said a threat actor tracked as APT5 has been actively exploiting a zero-day flaw in Citrix Application Delivery Controller and Gateway to take over affected systems.
Successful exploitation requires that the Citrix ADC or Citrix Gateway appliance is configured as a SAML service provider or a SAML identity provider.
The following supported versions of Citrix ADC and Citrix Gateway are affected by the vulnerability -.
Citrix ADC and Citrix Gateway versions 13.1 are not impacted.
"Targeting Citrix ADCs can facilitate illegitimate access to targeted organizations by bypassing normal authentication controls."
News of the Citrix bug also comes a day after Fortinet revealed a severe vulnerability that also facilitates remote code execution in FortiOS SSL-VPN devices.
News URL
https://thehackernews.com/2022/12/hackers-actively-exploiting-citrix-adc.html
Related news
- Commvault Confirms Hackers Exploited CVE-2025-3928 as Zero-Day in Azure Breach (source)
- Türkiye Hackers Exploited Output Messenger Zero-Day to Drop Golang Backdoors on Kurdish Servers (source)
- Hackers exploit VMware ESXi, Microsoft SharePoint zero-days at Pwn2Own (source)
- Hackers earn $1,078,750 for 28 zero-days at Pwn2Own Berlin (source)
- Chinese hackers breach US local governments using Cityworks zero-day (source)