State-sponsored attackers actively exploiting RCE in Citrix devices, patch ASAP! (CVE-2022-27518)

13 December 2022

An unauthenticated remote code execution flaw (CVE-2022-27518) is being leveraged by a Chinese state-sponsored group to compromise Citrix Application Delivery Controller (ADC) deployments, the US National Security Agency has warned. “Targeting Citrix ADCs can facilitate illegitimate access to targeted organizations by bypassing normal authentication controls.” About CVE-2022-27518 CVE-2022-27518 stems from the vulnerable devices’ software failing to maintain control over a resource throughout its lifetime (creation, use, and release) and gives remote attackers the opportunity to execute arbitrary code (without prior authentication) on vulnerable appliances.

Read full article on Help Net Security

Date:

13 December 2022

Categorie(s):

NEWS

Tag(s):

APT, Citrix, CVE, NSA, Virtualization

LastPass users targeted by vishing attackers19 April 2024
Hackers Target Middle East Governments with Evasive “CR4T” Backdoor19 April 2024
6 Surprising Ways Hackers Can Exploit Your Smart Home Devices19 April 2024
Protobom: Open-source software supply chain tool19 April 2024
The key pillars of domain security19 April 2024