TT-CSIRT-418.104.22.168: Critical Citrix ADC and Gateway Vulnerability
Citrix has released security updates to address a critical vulnerability in their Citrix ADC or Citrix Gateway products. The vulnerability in question is being tracked as CVE-2022-27518 and is a RCE vulnerability impacting Citrix ADC or Citrix Gateway when configured as a Security Assertion Markup Language (SAML) service provider (SP) or a SAML identity provider (IdP). The vulnerability is rated as critical and can be exploited by a remote, unauthenticated attacker to execute arbitrary code.
Vulnerabilities of this nature, and on this type of system, have proven to be of high value to attackers and have been successfully used in the past to compromise local organizations. TT-CSIRT strongly advises that organizations upgrade to an unaffected version on an emergency basis.
TT-CSIRT encourages administrators to review the following releases and take the necessary actions immediately:
If you have any queries, comments or require assistance, please feel free to contact TT-CSIRT via firstname.lastname@example.org