Sequretek Advisory - Active Exploitation of Zero-Day Vulnerability in Citrix ADC and Citrix Gateway
12/16/2022

Citrix has released security updates to address a critical vulnerability (CVE-2022-27518) in Citrix ADC and Citrix Gateway that is being actively exploited.

• US National Security Agency (NSA) has released an advisory warning of exploitation inthe-wild of Citrix products by APT5 (also known as UNC2630 and MANGANESE), a threat actor attributed to China.

• The impacted product is Citrix Application Delivery Controller (ADC), formerly known as NetScaler, which provides orchestration and automation for applications across cloud or hybrid environments.

• The vulnerability, CVE-2022-27518 , has been addressed by an update released by Citrix.

Sign Up Here for Download