Home > Cyber News > CVE-2022-27518: Citrix ADC and Gateway Zero-Day Detected
CYBER NEWS

CVE-2022-27518: Citrix ADC and Gateway Zero-Day Detected

CVE-2022-27518- Citrix ADC and Gateway Zero-Day Detected-sensorstechforum-com
CVE-2022-27518 is a newly detected Citrix vulnerability, currently exploited in attacks. The zero-day is located in Citrix ADC and Gateway, and could allow an unauthenticated remote threat actor to take over an exposed device.

What Is Known about CVE-2022-27518?

According to the official Citrix advisory, a vulnerability has been discovered in Citrix Gateway and Citrix ADC, that could allow an unauthenticated remote attacker to perform arbitrary code execution on vulnerable appliances.




Affected Citrix ADC and Citrix Gateway Versions

The company has informed that the following supported versions of Citrix ADC and Citrix Gateway are affected by CVE-2022-27518, with the exclusion of Citrix ADC and Citrix Gateway version 13.1:

  • Citrix ADC and Citrix Gateway 13.0 before 13.0-58.32
  • Citrix ADC and Citrix Gateway 12.1 before 12.1-65.25
  • Citrix ADC 12.1-FIPS before 12.1-55.291
  • Citrix ADC 12.1-NDcPP before 12.1-55.291

How to Determine If a Citrix Device Is vulnerable?

To determine exposure, customers can establish if their appliance is configured as a SAML SP or a SAML IdP by inspecting the ns.conf file for the following commands:

add authentication samlAction
– Appliance is configured as a SAML SP

add authentication samlIdPProfile
– Appliance is configured as a SAML IdP

“If either of the commands are present in the ns.conf file and if the version is an affected version, then the appliance must be updated,” the advisory noted.

Previous Citrix Vulnerabilities Reported in 2022

Earlier this year, multiple vulnerabilities in the Citrix product portfolio were patched, including a high-severity bug in SD-WAN, tracked as CVE-2022-27505. This was determined as a reflected cross-site scripting (XSS) issue, a result of improper input during web page generation. Citrix said that both standard and premium versions of SD-WAN before version 11.4.3a were affected.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:
Twitter

Leave a Comment

Your email address will not be published. Required fields are marked *

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree