In today’s SensCy Cyber Alert, your SensCy team recommends that Citrix users apply security patches for a “Critical” zero-day vulnerability in Citrix ADC and Gateway that is currently being exploited by state-sponsored hackers. The vulnerability is tracked as CVE-2022-27518 and allows an unauthenticated individual to execute commands remotely on vulnerable devices and take control of them.
“Customers who are using an affected build with a SAML SP or IdP configuration are urged to install the recommended builds immediately as this vulnerability has been identified as critical. No workarounds are available for this vulnerability.” – Citrix.
The vulnerability impacts the following versions of Citrix ADC and Citrix Gateway:
- Citrix ADC and Citrix Gateway 13.0 before 13.0-58.32
- Citrix ADC and Citrix Gateway 12.1 before 12.1-65.25
- Citrix ADC 12.1-FIPS before 12.1-55.291
- Citrix ADC 12.1-NDcPP before 12.1-55.291
For additional information follow this link.
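To triage an inventory against the list above, the following added example (not code from Citrix or SensCy) classifies an appliance by build and by whether its configuration defines SAML. It assumes version strings written as in the alert (`13.0-58.30`); the two `ns.conf` command names used to detect a SAML SP or IdP are an assumption that does not appear in this alert, and the function names and sample configuration are constructed for illustration.

```python
import re

# Builds that fix CVE-2022-27518, keyed by (release, edition), from the list above.
FIXED_BUILDS = {
    ("13.0", "standard"): (58, 32),
    ("12.1", "standard"): (65, 25),
    ("12.1", "FIPS"): (55, 291),
    ("12.1", "NDcPP"): (55, 291),
}

# Assumed input format, as written in the alert: "<release>-<build>", e.g. "13.0-58.30".
VERSION_RE = re.compile(r"^(\d+\.\d+)-(\d+)\.(\d+)$")

# Assumption (not from this alert): ns.conf lines that define a SAML SP or IdP.
SAML_RE = re.compile(
    r"^\s*add\s+authentication\s+(samlAction|samlIdPProfile)\b",
    re.IGNORECASE | re.MULTILINE,
)

# Constructed sample configuration, for illustration only.
SAMPLE_NS_CONF = """\
add ns ip 192.0.2.10 255.255.255.0
add authentication samlAction example_sp_action
"""


def uses_saml(ns_conf: str) -> bool:
    """True if the configuration text defines a SAML SP action or IdP profile."""
    return bool(SAML_RE.search(ns_conf))


def assess(version: str, edition: str = "standard", ns_conf: str = "") -> str:
    """Classify one appliance against the affected-build list."""
    match = VERSION_RE.match(version.strip())
    if not match:
        raise ValueError(f"unrecognised version string: {version!r}")
    release = match.group(1)
    # Compare build numbers as integers: 58.4 is older than 58.32.
    build = (int(match.group(2)), int(match.group(3)))
    fixed = FIXED_BUILDS.get((release, edition))
    if fixed is None:
        return "not-listed"  # release line is not covered by this alert
    if build >= fixed:
        return "patched"
    return "affected-saml" if uses_saml(ns_conf) else "affected-build-no-saml"


if __name__ == "__main__":
    for ver, ed in [("13.0-58.30", "standard"), ("12.1-55.291", "FIPS")]:
        print(ver, ed, assess(ver, ed, SAMPLE_NS_CONF))
```

A result of `not-listed` only means the release line is absent from this alert's list, not that the appliance has been confirmed safe.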
What is a zero-day vulnerability?
In cybersecurity, a zero-day vulnerability is a vulnerability in a system or device that has been disclosed but not yet patched. The vulnerability was discovered before developers and security researchers were aware of it and could provide a patch or update.
Why are zero-day vulnerabilities dangerous?
Two main reasons:
- Cybercriminals can freely exploit these vulnerabilities through malware infections, potentially resulting in data loss for the victims.
- The systems remain vulnerable for as long as the user does not update or install the patch issued by the vendor.