Get in Touch
The three critical vulnerabilities discovered in the Citrix ADC and Citrix Gateway products announced in the security bulletin (CTX463706) relate to flaws in the products. Therefore, users who manage Citrix appliances independently across all sectors are likely to be targeted in the future.
Severity level: Critical – Exploitation of these vulnerabilities would allow an attacker to take control of an affected system.
Citrix has notified its customers of the discovery of a critical authentication bypass vulnerability in its managed Citrix ADC and Citrix Gateway appliances and are advising customers to install relevant security updates as a matter of urgency.
Under specific pre-conditions, the three vulnerabilities disclosed could lead to the unauthorised access to a device (CVE-2022-27510), the bypassing of brute force protection (CVE-2022-27516), and remote desktop takeover via phishing (CVE-2022-27513).
The Citrix security bulletin goes on to say, “that only appliances that are operating as a Gateway (appliances using the SSL VPN functionality or deployed as an ICA proxy with authentication enabled) are affected by the first issue, which is rated as a Critical severity vulnerability”.
System owners and administrators whose organisation uses Citrix ADC and the Citrix Gateway appliances should check if the current version in use is affected by this vulnerability, which impacts the product versions below.
– Citrix ADC and Citrix Gateway 13.1 before 13.1-33.47
– Citrix ADC and Citrix Gateway 13.0 before 13.0-88.12
– Citrix ADC and Citrix Gateway 12.1 before 18.104.22.168
– Citrix ADC 12.1-FIPS before 22.214.171.1249
– Citrix ADC 12.1-NDcPP before 12.1-55.289.
Containment, Mitigations & Remediations
The security bulletin urges affected customers of Citrix ADC and Citrix Gateway to install the relevant updated versions of Citrix ADC or Citrix Gateway as soon as possible. Citrix-managed cloud service users do not need to take any action.