Remote code execution in Citrix ADC and Citrix Gateway



Published: 2022-12-13
Risk Critical
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2022-27518
CWE-ID CWE-664
Exploitation vector Network
Public exploit This vulnerability is being exploited in the wild.
Vulnerable software
Subscribe
Citrix Netscaler ADC
Client/Desktop applications / Software for system administration

Citrix Access Gateway
Server applications / Remote management servers, RDP, SSH

Vendor

Security Bulletin

This security bulletin contains one critical risk vulnerability.

1) Improper control of a resource through its lifetime

EUVDB-ID: #VU70192

Risk: Critical

CVSSv3.1:

CVE-ID: CVE-2022-27518

CWE-ID: CWE-664 - Improper control of a resource through its lifetime

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to improper access restrictions in systems configured as a SAML SP or a SAML IdP. A remote non-authenticated attacker can gain unauthorized access to the system.

Note, the vulnerability is being actively exploited in the wild.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Citrix Netscaler ADC: before 13.0-58.32

Citrix Access Gateway: before 13.0-58.32

CPE2.3 External links

http://support.citrix.com/article/CTX474995
http://www.citrix.com/blogs/2022/12/13/critical-security-update-now-available-for-citrix-adc-citrix-gateway/


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###