Citrix Products Remote Code Execution Vulnerability

Release Date: 14 Dec 2022 5845 Views

RISK: Extremely High Risk

Extremely High Risk

TYPE: Servers - Other Servers

TYPE: Other Servers

A vulnerability was identified in Citrix Products. A remote attacker could exploit a vulnerability to trigger remote code execution on the targeted system.

 

Note:

CVE-2022-27518 is being exploited in the wild. If exploited, could allow an unauthenticated remote attacker to perform arbitrary code execution on the appliance. 

Impact

  • Remote Code Execution

System / Technologies affected

  • Citrix ADC and Citrix Gateway 13.0 before 13.0-58.32 

  • Citrix ADC and Citrix Gateway 12.1 before 12.1-65.25 

  • Citrix ADC 12.1-FIPS before 12.1-55.291 

  • Citrix ADC 12.1-NDcPP before 12.1-55.291

 

Please refer to the link below for detail:

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:

  • Citrix ADC and Citrix Gateway 13.0-58.32 and later releases 

  • Citrix ADC and Citrix Gateway 12.1-65.25 and later releases of 12.1 

  • Citrix ADC 12.1-FIPS 12.1-55.291 and later releases of 12.1-FIPS  

  • Citrix ADC 12.1-NDcPP 12.1-55.291 and later releases of 12.1-NDcPP 

Please note that Citrix ADC and Citrix Gateway versions prior to 12.1 are EOL and customers on those versions are recommended to upgrade to one of the supported versions. 

Vulnerability Identifier

Source

Related Link

Related Tags

CritixRemote Code ExecutionExploit In The Wild

Share with

Previous

Microsoft Monthly Security Update (December 2022)

14 Dec 2022 5665 Views

Next

Adobe Monthly Security Update (December 2022)

14 Dec 2022 6269 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY