High Threat Security Alert (A22-12-09): Vulnerability in Citrix Products

Description:

Citrix released a security advisory to address a remote code execution vulnerability in Citrix Application Delivery Controller and Citrix Gateway. An attacker could exploit the vulnerability by sending specially crafted requests to an affected system.

Reports indicate that a remote code execution vulnerability (CVE-2022-27518) is being exploited in the wild. System administrators are advised to take immediate actions to patch your affected systems to mitigate the elevated risk of cyber attacks.

Affected Systems:

• Citrix Application Delivery Controller (ADC) and Citrix Gateway 13.0 prior to version 13.0-58.32
• Citrix Application Delivery Controller (ADC) and Citrix Gateway 12.0 prior to version 12.1-65.25
• Citrix Application Delivery Controller (ADC) 12.1-FIPS prior to version 12.1-55.291
• Citrix Application Delivery Controller (ADC) 12.1-NDcPP prior to version 12.1-55.291

Impact:

Successful exploitation of the vulnerability could lead to remote code execution on an affected system.

Recommendation:

Software updates for affected systems are now available. Administrators of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.

More Information:

• https://support.citrix.com/article/CTX474995
• https://www.hkcert.org/security-bulletin/citrix-products-remote-code-execution-vulnerability_20221214
• https://www.cisa.gov/uscert/ncas/current-activity/2022/12/13/citrix-releases-security-updates-citrix-adc-citrix-gateway
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27518