Citrix ADC, Gateway Users Race Against Hackers to Patch Critical Flaw

  /     /     /  
Publicated : 23/11/2024   Category : security


Citrix ADC, Gateway Users Race Against Hackers to Patch Critical Flaw


Citrix issues a critical update as NSA warns that the APT5 threat group is actively trying to target ADC environments.



Citrix has issued a patch for a critical flaw affecting Citrix ADC and Citrix Gateway, adding that the company is aware of attacks against the vulnerability in the wild.
The vulnerability, tracked under CVE-2022-27518, affects Citrix ADC and Citrix Gateway versions 12.1 (including FIPS and NDcPP) and 13.0 before 13.0-58.32. 
Both must be configured with an SAML SP or IdP configuration to be affected, Citrix noted in its
security update
.
The National Security Agency (NSA) issued its own warning that the China-linked 
APT5 threat group
has been actively targeting Citrix ADCs to bypass authentication controls to breach organizations. It also provided
threat hunting guidance
for security teams, and asked for intelligence sharing among the public and private sectors.
The indicators and context from this analysis can be used by organizations for defensive purposes against this malicious activity, the NSA announced. NSA requests that any additional insights and/or discoveries be shared with the NSA Cybersecurity Collaboration Center in order to enhance understanding of this activity and so that it can be used to improve the overall security posture of the Defense Industrial Base, DoD, and USG.

Last News

▸ Nigerian scammers now turning into mediocre malware pushers. ◂
Discovered: 23/12/2024
Category: security

▸ Beware EMV may not fully protect against skilled thieves. ◂
Discovered: 23/12/2024
Category: security

▸ Hack Your Hotel Room ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Citrix ADC, Gateway Users Race Against Hackers to Patch Critical Flaw