+44 (0)203 88 020 88

Menu

Search

Cyber Security News & Articles

 

Cyber Security
News & Articles

Trusted Cyber Security Experts
25+ Years Industry Experience
Ethical, Professional & Pragmatic

Citrix Zero-Day Vulnerability Actively Exploited

A critical zero-day vulnerability has been confirmed to be actively exploited by state-backed attackers to gain access to corporate networks. The National Security Agency (NSA), a branch of the US Government, have released a cybersecurity advisory  to help organisations detect and mitigate attacks that exploit this vulnerability. Products affected by this flaw are Citrix ADC and Citrix Gateway versions 13.0 before 13.0-58.32, and 12.1 before 12.2-65.25, as well as Citrix ADC 12.1-FIPS and Citrix ADC 12.1-NDcPP before 12.1-55.291. A security update was released by Citrix last week to patch this flaw, alongside a security blog post where Citrix warn admins to apply this patch as soon as possible, stating that customers with SAML SP or IdP configurations should “install the recommended builds immediately”. 

The vulnerability tracked as CVE-2022-27518 is a critical severity zero-day flaw, with a CVSS base score of 9.8. An exploit of this vulnerability can allow for an unauthenticated attacker to remotely execute arbitrary code, however specific details about this vulnerability and how it has been exploited have not been released. This flaw occurs due to improper resource control in the affected systems if they are configured as SAML SP or SAML IdP. The attacks exploiting this vulnerability in the wild were found to be targeted attacks by state-sponsored APT5 hackers, also known as UNC2630 and MANGANESE.  

 There are no workarounds to mitigate this vulnerability, instead the official released patches should be applied as soon as possible to all affected appliances. Customers using Citrix-managed cloud services or Adaptive Authentication are not affected by this vulnerability, and no further action is required to be protected against these attacks. To update Citrix ADC and Citrix Gateway, follow the links to upgrade to version 13.1 which contain relevant downloads for this security patch. Citrix also warn customers that if an affected Citrix ADC or Gateway version is being run on an SDX platform, this will need to have VPX instances upgraded.  

 

 

Subscribe to our monthly newsletter today

If you’d like to stay up-to-date with the latest cyber security news and articles from our technical team, you can sign up to our monthly newsletter. 

We hate spam as much as you do, so we promise not to bombard you with emails. We’ll send you a single, curated email each month that contains all of our cyber security news and articles for that month.

Why Choose SecureTeam?

CREST
CCS
ISO9001
ISO27001
CE-PLUS

Customer Testimonials

“We were very impressed with the service, I will say, the vulnerability found was one our previous organisation had not picked up, which does make you wonder if anything else was missed.”

Aim Ltd Chief Technology Officer (CTO)

"Within a very tight timescale, SecureTeam managed to deliver a highly professional service efficiently. The team helped the process with regular updates and escalation where necessary. Would highly recommend"

IoT Solutions Group Limited Chief Technology Officer (CTO) & Founder

“First class service as ever. We learn something new each year! Thank you to all your team.”

Royal Haskoning DHV Service Delivery Manager

“We’ve worked with SecureTeam for a few years to conduct our testing. The team make it easy to deal with them; they are attentive and explain detailed reports in a jargon-free way that allows the less technical people to understand. I wouldn’t work with anyone else for our cyber security.”

Capital Asset Management Head of Operations

“SecureTeam provided Derbyshire's Education Data Hub with an approachable and professional service to ensure our schools were able to successfully certify for Cyber Essentials. The team provided a smooth end-to-end service and were always on hand to offer advice when necessary.”

Derbyshire County Council Team Manager Education Data Hub

“A very efficient, professional, and friendly delivery of our testing and the results. You delivered exactly what we asked for in the timeframe we needed it, while maintaining quality and integrity. A great job, done well.”

AMX Solutions IT Project Officer

“We were very pleased with the work and report provided. It was easy to translate the provided details into some actionable tasks on our end so that was great. We always appreciate the ongoing support.”

Innovez Ltd Support Officer

Get in touch today

If you’d like to see how SecureTeam can take your cybersecurity posture to the next level, we’d love to hear from you, learn about your requirements and then send you a free quotation for our services.

Our customers love our fast-turnaround, “no-nonsense” quotations – not to mention that we hate high-pressure sales tactics as much as you do.

We know that every organisation is unique, so our detailed scoping process ensures that we provide you with an accurate quotation for our services, which we trust you’ll find highly competitive.

Get in touch with us today and a member of our team will be in touch to provide you with a quotation. 

0

No products in the basket.

No products in the basket.