CVE-2022-27518 — Actively Exploited: Application Delivery Controller (ADC) and Gateway (Citrix)
Citrix Application Delivery Controller (ADC) and Gateway, when configured with SAML SP or IdP configuration, contain an authentication bypass vulnerability that allows an attacker to execute code as administrator.
| CVE ID | CVE-2022-27518 |
|---|---|
| Vendor | Citrix |
| Product | Application Delivery Controller (ADC) and Gateway |
| Vulnerability name | Citrix Application Delivery Controller (ADC) and Gateway Authentication Bypass Vulnerability |
| Date added | 2022-12-13 |
| Remediation due | 2023-01-03 |
| Known ransomware use | Unknown |
| Required action | Apply updates per vendor instructions. |
| Description | Citrix Application Delivery Controller (ADC) and Gateway, when configured with SAML SP or IdP configuration, contain an authentication bypass vulnerability that allows an attacker to execute code as administrator. |
| Source | CISA Known Exploited Vulnerabilities |
🔍 Search all exploited vulnerabilities →
$1499/mo
Try ExploitWatch →