Thousands of Citrix Servers Still Unpatched for Critical Vulnerabilities


Two critical vulnerabilities tracked as CVE-2022-27510 and CVE-2022-27518 still affect thousands of Citrix Application Delivery Controller (ADC) and Gateway devices, NCC Group’s Fox IT team said in a blog post.

CVE-2022-27510 and CVE-2022-27518

CVE-2022-27510 allows unauthorized access to Citrix ADCs and Citrix Gateways. Citrix has issued an advisory, "Citrix Gateway and Citrix ADC Security Bulletin for CVE-2022-27510, CVE-2022-27513 and CVE-2022-27516", and firmware updates for affected products as of November 8, 2022.

CVE-2022-27518 allows an unauthenticated attacker to execute arbitrary code on Citrix Gateways and Citrix ADCs.

Over 1,000 servers are vulnerable to CVE-2022-27510, and approximately 3,000 endpoints are potentially vulnerable to both critical bugs.

While Citrix released patches for both flaws, the Fox IT team found that many devices remain exposed. Data collected as late as December 28 show that close to 4k internet-facing devices are vulnerable to the arbitrary RCE flaw. Many machines are still vulnerable to both critical flaws. Researchers claim that many countries were quick to fix the issue.


2023-01-26T09:32:22+05:30 | December 29th, 2022

About the Author:

FirstHackersNews- Identifies Security
