Security News > 2022 > December > Hackers Actively Exploiting Citrix ADC and Gateway Zero-Day Vulnerability
The U.S. National Security Agency on Tuesday said a threat actor tracked as APT5 has been actively exploiting a zero-day flaw in Citrix Application Delivery Controller and Gateway to take over affected systems.
Successful exploitation requires that the Citrix ADC or Citrix Gateway appliance is configured as a SAML service provider or a SAML identity provider.
The following supported versions of Citrix ADC and Citrix Gateway are affected by the vulnerability -.
Citrix ADC and Citrix Gateway versions 13.1 are not impacted.
"Targeting Citrix ADCs can facilitate illegitimate access to targeted organizations by bypassing normal authentication controls."
News of the Citrix bug also comes a day after Fortinet revealed a severe vulnerability that also facilitates remote code execution in FortiOS SSL-VPN devices.
News URL
https://thehackernews.com/2022/12/hackers-actively-exploiting-citrix-adc.html
Related news
- Hackers target critical zero-day vulnerability in PTZ cameras (source)
- Google’s AI Tool Big Sleep Finds Zero-Day Vulnerability in SQLite Database Engine (source)
- Chinese hackers exploit Fortinet VPN zero-day to steal credentials (source)
- RomCom hackers chained Firefox and Windows zero-days to deliver backdoor (source)
- Firefox and Windows zero-days exploited by Russian RomCom hackers (source)
- U.S. Charges Chinese Hacker for Exploiting Zero-Day in 81,000 Sophos Firewalls (source)
- Hackers Exploiting Critical Fortinet EMS Vulnerability to Deploy Remote Access Tools (source)