Security News > 2022 > December > Hackers Actively Exploiting Citrix ADC and Gateway Zero-Day Vulnerability

Hackers Actively Exploiting Citrix ADC and Gateway Zero-Day Vulnerability
2022-12-14 04:40

The U.S. National Security Agency on Tuesday said a threat actor tracked as APT5 has been actively exploiting a zero-day flaw in Citrix Application Delivery Controller and Gateway to take over affected systems.

Successful exploitation requires that the Citrix ADC or Citrix Gateway appliance is configured as a SAML service provider or a SAML identity provider.

The following supported versions of Citrix ADC and Citrix Gateway are affected by the vulnerability -.

Citrix ADC and Citrix Gateway versions 13.1 are not impacted.

"Targeting Citrix ADCs can facilitate illegitimate access to targeted organizations by bypassing normal authentication controls."

News of the Citrix bug also comes a day after Fortinet revealed a severe vulnerability that also facilitates remote code execution in FortiOS SSL-VPN devices.


News URL

https://thehackernews.com/2022/12/hackers-actively-exploiting-citrix-adc.html

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Citrix 118 20 177 80 65 342