Multiple vulnerabilities in Citrix Gateway and ADC
This live blog contains information regarding multiple vulnerabilities in Citrix Gateway and ADC. As soon as we have an update, we’ll add it to this post. More information about possible risks and details can be found at the bottom of this blog. Last updated on November 10, 2022.

T-Update
This live blog contains information regarding multiple vulnerabilities in Citrix Gateway and ADC. As soon as we have an update, we’ll add it to this post. More information about possible risks and details can be found at the bottom of this blog. Last updated on November 10, 2022.
Update November 10, 2022
14:00 | On the 8th of November 2022, Citrix has published a security bulletin describing three different vulnerabilities in the Citrix Gateway and Citrix ADC. In order to exploit the vulnerabilities, the system must be configured as a gateway using the SSL VPN functionality or configured as an ICA proxy with authentication.
The most severe vulnerability, registered as CVE-2022-27510, allows an attacker to bypass authentication. This gives the attacker access to the user capabilities provided by the gateway. The other two vulnerabilities are registered as CVE-2022-27513 and CVE-2022-27516. Currently, there are no reports on exploitation in the wild and there is no known proof-of-concept code publicly available.
Citrix has published security updates for supported platforms to mitigate the vulnerabilities. It is highly recommended to apply these updates as soon as possible. Customers using Citrix-managed cloud services do not need to take any action.
Background
In the security bulletin published by Citrix a total of three vulnerabilities are described. The three vulnerabilities can enable attackers to gain unauthorized access to the system, perform remote desktop takeover, or bypass the login brute force protection. The impact of a successful compromise strongly depends on the applications accessed via the Citrix Solution. Currently, there are no reports on exploitation in the wild and there is no known proof-of-concept code publicly available.
Risk
Citrix has published a security bulletin describing three vulnerabilities in the Citrix Gateway and Citrix ADC. Note that only appliances that are operating as a Gateway (appliances using the SSL VPN functionality or deployed as an ICA proxy with authentication enabled) are affected. There is currently limited information regarding the vulnerabilities available.
An overview of the available information regarding the vulnerabilities can be found in the table below. At the moment of writing, no CVSS or EPSS scores are available.
Advice
Sources
More information:
- Citrix Security Bulletin – https://support.citrix.com/article/CTX463706/citrix-gateway-and-citrix-adc-security-bulletin-for-cve202227510-cve202227513-and-cve202227516
- NCSC Advisory – https://www.ncsc.nl/actueel/advisory?id=NCSC-2022-0701
Sign up to receive T-Updates
Receive the latest vulnerabilities in your email every Wednesday
More than 1,000 organisations have already joined us.
