Two critical vulnerabilities tracked as CVE-2022-27510 and CVE-2022-27518 still affect thousands of Citrix Application Delivery Controller (ADC) and Gateway devices, NCC Group’s Fox IT team said in a blog post.
CVE-2022-27510 and CVE-2022-27518
Vulnerability CVE-2022-27510 allows unauthorized access to Citrix ADCs and Citrix Gateways. Citrix has issued an advisory Citrix Gateway and Citrix ADC Security Bulletin for CVE-2022-27510 CVE-2022-27513 and CVE-2022-27516 and also firmware updates for affected products as of November 8, 2022.
The vulnerability allows an unauthenticated attacker to execute arbitrary code in Citrix Gateways and Citrix ADCs.
Then there are over 1,000 servers vulnerable to CVE-2022-27510 and approximately 3,000 endpoints potentially vulnerable to both critical bugs.
While Citrix released patches for both flaws, the Fox IT team found that many still remain exposed. Data collected as late as December 28 show that close to 4k internet-facing devices are vulnerable to the arbitrary RCE flaw. Many machines are still vulnerable to both critical flaws.researchers claim that many countries were quick to fix the issue.