Thousands of Citrix ADC and Gateway instances could still be compromised by exploiting critical security vulnerabilities that have already been patched by Citrix, reports BleepingComputer.
More than 1,000 servers are vulnerable to CVE-2022-27510, an authentication bypass bug that could be leveraged to facilitate unauthorized device access, remote desktop takeovers, and bypass of login brute-force protection, which Citrix addressed on Nov. 8, according to a report from NCC Group's Fox IT team. Meanwhile, some 3,500 systems are susceptible to exploits targeting CVE-2022-27518, which enables remote command execution and was fixed on Dec. 13. Nearly 3,000 endpoints are estimated to be impacted by both vulnerabilities, researchers said. The report also showed that the U.S., Canada, Germany, Switzerland, and Australia were quick to remediate the vulnerabilities upon the release of the security advisories. Researchers noted that the findings should prompt Citrix administrators with vulnerable instances to immediately apply the available fixes.