CISA Known Exploited Vulnerability
This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.
Remediation Deadline: Jan 3, 2023
High
CISA KEVCVE-2022-27518
Citrix—Application Delivery Controller (ADC) and Gateway
Citrix Application Delivery Controller (ADC) and Gateway, when configured with SAML SP or IdP configuration, contain an authentication bypass vulnerability that allows an attacker to execute code as administrator.
Required Action
https://www.citrix.com/blogs/2022/12/13/critical-security-update-now-available-for-citrix-adc-citrix-gateway/; https://nvd.nist.gov/vuln/detail/CVE-2022-27518
Vulnerability Overview
- Severity
- High
- CISA KEV
- Yes
- Ransomware
- Unknown
- Published
- Dec 13, 2022
- KEV Added
- Dec 13, 2022
- Due Date
- Jan 3, 2023
- Related Articles
- 0
Vendor
Citrix
Application Delivery Controller (ADC) and Gateway