PT-2022-5900 · Citrix · Citrix Application Delivery Controller, Citrix Gateway
Published 2022-12-13 · Updated 2026-02-24 · CVE-2022-27518
CVSS v3.1: 10 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Citrix Application Delivery Controller (ADC) versions prior to 12.1-55.291
Citrix Application Delivery Controller (ADC) versions prior to 12.1-65.25
Citrix Application Delivery Controller (ADC) versions prior to 13.0-58.32
Citrix Gateway versions prior to 12.1-65.25
Citrix Gateway versions prior to 13.0-58.32
Description
The vulnerability stems from insufficient control of resources and allows an unauthenticated remote attacker to execute arbitrary code. It has been used in real-world attacks, including by Chinese APT groups, to take control of affected systems. Researchers have observed the vulnerability being exploited via ORB networks, which are used to raise the cost for defenders. No estimate of the number of potentially affected devices is provided.
Recommendations
For Citrix Application Delivery Controller (ADC) versions prior to 12.1-55.291, update to version 12.1-55.291 or later.
For Citrix Application Delivery Controller (ADC) versions prior to 12.1-65.25, update to version 12.1-65.25 or later.
For Citrix Application Delivery Controller (ADC) versions prior to 13.0-58.32, update to version 13.0-58.32 or later.
For Citrix Gateway versions prior to 12.1-65.25, update to version 12.1-65.25 or later.
For Citrix Gateway versions prior to 13.0-58.32, update to version 13.0-58.32 or later.
As a temporary workaround, consider restricting access to the vulnerable API endpoints until a patch can be applied.
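As an added example (not part of this advisory), a Python triage helper that checks a Citrix ADC or Gateway build string against the fixed builds listed above and reports which inventory entries still need updating. The inventory, hostnames and builds are constructed; the 12.1-55.x builds are treated as a separate line because the advisory gives them their own threshold (12.1-55.291) next to 12.1-65.25.

```python
import re
from typing import Optional

# Fixed builds as listed in this advisory, keyed by product and release
# (major, minor). Within a release, the None key is the default threshold;
# an integer key singles out a build line with its own fixed build
# (12.1-55.x is listed separately from the rest of 12.1).
FIXED_BUILDS = {
    "ADC": {(12, 1): {55: (55, 291), None: (65, 25)}, (13, 0): {None: (58, 32)}},
    "Gateway": {(12, 1): {None: (65, 25)}, (13, 0): {None: (58, 32)}},
}

# Citrix build strings look like "13.0-58.32": release 13.0, build 58.32.
BUILD_RE = re.compile(r"^(\d+)\.(\d+)-(\d+)\.(\d+)$")


def parse_build(version: str):
    """Split '12.1-65.25' into release (12, 1) and build (65, 25)."""
    m = BUILD_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised Citrix build string: {version!r}")
    major, minor, build, sub = (int(x) for x in m.groups())
    return (major, minor), (build, sub)


def is_vulnerable(product: str, version: str) -> Optional[bool]:
    """True if the build is below the fixed build listed for its release,
    False if it is at or above it, None if the release is not listed."""
    release, build = parse_build(version)
    lines = FIXED_BUILDS.get(product, {}).get(release)
    if lines is None:
        return None
    threshold = lines.get(build[0], lines[None])  # tuple compare: (build, sub)
    return build < threshold


def triage(inventory):
    """Return hostnames whose build this advisory says needs updating."""
    return [host for host, product, version in inventory
            if is_vulnerable(product, version)]


# Constructed sample inventory (hostnames and builds are made up).
SAMPLE_INVENTORY = [
    ("adc-dmz-01", "ADC", "12.1-65.21"),     # 12.1 mainline, below 65.25
    ("adc-fips-01", "ADC", "12.1-55.291"),   # 12.1-55.x line, at fixed build
    ("adc-core-02", "ADC", "13.0-58.32"),    # at fixed build
    ("gw-vpn-01", "Gateway", "13.0-47.24"),  # below 58.32
    ("gw-vpn-02", "Gateway", "13.1-37.38"),  # release not listed in this advisory
]

if __name__ == "__main__":
    print(triage(SAMPLE_INVENTORY))  # ['adc-dmz-01', 'gw-vpn-01']
```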
Affected Products
Citrix Application Delivery Controller
Citrix Gateway