Security News > 2022 > December > Hackers Actively Exploiting Citrix ADC and Gateway Zero-Day Vulnerability
The U.S. National Security Agency on Tuesday said a threat actor tracked as APT5 has been actively exploiting a zero-day flaw in Citrix Application Delivery Controller and Gateway to take over affected systems.
Successful exploitation requires that the Citrix ADC or Citrix Gateway appliance is configured as a SAML service provider or a SAML identity provider.
The following supported versions of Citrix ADC and Citrix Gateway are affected by the vulnerability -.
Citrix ADC and Citrix Gateway versions 13.1 are not impacted.
"Targeting Citrix ADCs can facilitate illegitimate access to targeted organizations by bypassing normal authentication controls."
News of the Citrix bug also comes a day after Fortinet revealed a severe vulnerability that also facilitates remote code execution in FortiOS SSL-VPN devices.
News URL
https://thehackernews.com/2022/12/hackers-actively-exploiting-citrix-adc.html
Related news
- Hackers target critical zero-day vulnerability in PTZ cameras (source)
- Windows vulnerability abused braille “spaces” in zero-day attacks (source)
- Hackers Exploit Roundcube Webmail XSS Vulnerability to Steal Login Credentials (source)
- CISA Adds ScienceLogic SL1 Vulnerability to Exploited Catalog After Active Zero-Day Attack (source)
- Hackers exploit 52 zero-days on the first day of Pwn2Own Ireland (source)
- Lazarus hackers used fake DeFi game to exploit Google Chrome zero-day (source)
- Over 70 zero-day flaws get hackers $1 million at Pwn2Own Ireland (source)