
Vulnerability Alert - Citrix

TYPE
Vulnerabilities
SYSTEMS AFFECTED
Citrix Gateway and Citrix ADC
ECOSYSTEM
Citrix
Description

A security advisory was published about a critical remote code execution (RCE) vulnerability (CVE-2022-27518) that affects Citrix Gateway and Citrix ADC. Citrix ADC and Citrix Gateway version 13.1 are not affected.
There is a pre-condition for this vulnerability to be exploited: the Citrix ADC or Citrix Gateway appliance must be configured as a Security Assertion Markup Language (SAML) service provider (SP) or as a SAML identity provider (IdP).
Please note that this vulnerability is being actively exploited in the wild.


Impact

A remote unauthenticated attacker could execute arbitrary code.


Resolution

It is recommended to upgrade the affected products to the following builds or later:
- Citrix ADC and Citrix Gateway 12.1-65.25 or later;
- Citrix ADC and Citrix Gateway 13.0-58.32 or later;
- Citrix ADC 12.1-FIPS 12.1-55.291 or later;
- Citrix ADC 12.1-NDcPP 12.1-55.291 or later.
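A small triage helper, added here as an example and not part of the advisory or of any Citrix tooling, that applies the fixed-build list above together with the SAML pre-condition from the description. It assumes the banner format of the appliance's `show version` output ("NetScaler NS13.0: Build 58.32.nc, ..."), and whether the appliance runs a FIPS/NDcPP build and whether SAML SP/IdP is configured are passed in by the operator, since the banner alone does not reliably reveal either.

```python
import re

# Minimum fixed builds per release branch, as listed in this advisory.
# Key: (release, is_fips_or_ndcpp). Build numbers compare as (major, minor) tuples.
FIXED_BUILDS = {
    ("12.1", False): (65, 25),
    ("12.1", True): (55, 291),
    ("13.0", False): (58, 32),
}
NOT_AFFECTED_RELEASES = {"13.1"}

# Assumed banner shape of `show version`, e.g. "NetScaler NS13.0: Build 58.32.nc, Date: ..."
VERSION_RE = re.compile(r"NetScaler NS(\d+\.\d+): Build (\d+)\.(\d+)")


def parse_version(banner: str):
    """Return (release, (build_major, build_minor)) parsed from a version banner."""
    m = VERSION_RE.search(banner)
    if not m:
        raise ValueError(f"unrecognised version banner: {banner!r}")
    return m.group(1), (int(m.group(2)), int(m.group(3)))


def cve_2022_27518_status(banner: str, saml_configured: bool, fips_or_ndcpp: bool = False) -> str:
    """Classify an appliance against this advisory's fixed builds and SAML pre-condition."""
    release, build = parse_version(banner)
    if release in NOT_AFFECTED_RELEASES:
        return "not affected"
    fixed = FIXED_BUILDS.get((release, fips_or_ndcpp))
    if fixed is None:
        return "unknown release"          # not covered by this advisory's list
    if build >= fixed:
        return "patched"
    # Below the fixed build: exploitable only when SAML SP/IdP is configured.
    return "vulnerable" if saml_configured else "unpatched, SAML not configured"


if __name__ == "__main__":
    # Constructed sample banners (not real inventory data).
    samples = [
        ("NetScaler NS13.0: Build 58.30.nc, Date: Jan 1 2022", True, False),
        ("NetScaler NS13.0: Build 58.32.nc, Date: Jan 1 2022", True, False),
        ("NetScaler NS13.1: Build 33.47.nc, Date: Jan 1 2022", True, False),
        ("NetScaler NS12.1: Build 55.290.nc, Date: Jan 1 2022", False, True),
    ]
    for banner, saml, fips in samples:
        print(f"{banner[:32]:<34} -> {cve_2022_27518_status(banner, saml, fips)}")
```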

The NSA published a guide [2] that helps identify compromised Citrix ADC appliances.

References
Last updated on 07-09-2022