Security News > 2022 > December > Hackers Actively Exploiting Citrix ADC and Gateway Zero-Day Vulnerability
The U.S. National Security Agency on Tuesday said a threat actor tracked as APT5 has been actively exploiting a zero-day flaw in Citrix Application Delivery Controller and Gateway to take over affected systems.
Successful exploitation requires that the Citrix ADC or Citrix Gateway appliance is configured as a SAML service provider or a SAML identity provider.
The following supported versions of Citrix ADC and Citrix Gateway are affected by the vulnerability -.
Citrix ADC and Citrix Gateway versions 13.1 are not impacted.
"Targeting Citrix ADCs can facilitate illegitimate access to targeted organizations by bypassing normal authentication controls."
News of the Citrix bug also comes a day after Fortinet revealed a severe vulnerability that also facilitates remote code execution in FortiOS SSL-VPN devices.
News URL
https://thehackernews.com/2022/12/hackers-actively-exploiting-citrix-adc.html
Related news
- Citrix Releases Security Fix for NetScaler Console Privilege Escalation Vulnerability (source)
- Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks (source)
- Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks (source)
- Mozilla Patches Critical Firefox Bug Similar to Chrome’s Recent Zero-Day Vulnerability (source)
- PipeMagic Trojan Exploits Windows Zero-Day Vulnerability to Deploy Ransomware (source)