© 2023 CyberNews - Latest tech news,
product reviews, and analyses.

If you purchase via links on our site, we may receive affiliate commissions.

Thousands of Citrix servers exposed to patched critical bugs


Citrix ADC and Gateway endpoints are still vulnerable to two critical flaws the company patched weeks ago, researchers claim.

Two critical vulnerabilities tracked as CVE-2022-27510 and CVE-2022-27518 still affect thousands of Citrix Application Delivery Controller (ADC) and Gateway devices, NCC Group’s Fox IT team said in a blog post.

The first vulnerability, CVE-2022-27510, is an authentication bypass flaw the vendor patched on November 8. The second is a remote code execution (RCE) vulnerability Citrix fixed in mid-December.

Both vulnerabilities pose severe security risks. According to the National Security Agency (NSA), the vulnerabilities were exploited in the wild by the China-linked Advanced persistent threat (APT) group Manganese (APT5).

While Citrix released patches for both flaws, the Fox IT team found that many still remain exposed. Data collected as late as December 28 show that close to 4k internet-facing devices are vulnerable to the arbitrary RCE flaw. Many machines are still vulnerable to both critical flaws.

Even though there are still many vulnerable devices, researchers claim that many countries were quick to fix the issue. Data from countries where Citrix ADC and Gateway servers are used most often show a sharp drop in vulnerable devices after the NSA and Citrix released advisories.


More from Cybernews:

Cybercrime from Russia and China: what can we expect next?

Use of AI technology helped triple patient stroke recovery in England

Twitter’s short-lived global outage: normality restored, but for how long?

LockBit claims an attack on the Port of Lisbon

AI startup spills employee data and corporate secrets

Subscribe to our newsletter



Leave a Reply

Your email address will not be published. Required fields are marked