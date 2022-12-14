Citrix ADC and Gateway need urgent patches

By on
Citrix ADC and Gateway need urgent patches
File photo.

NSA warns APT5 group already exploiting vulns.

The US National Security Agency is warning that the threat group known as APT5 is exploiting bugs in Citrix’s Application Delivery Controller product.

Citrix said in its blog post that the bug, CVE-2022-27518, also affects its Gateway product.

The bug affects versions 12.1 and 13.0 before 13.0-58.32 of the products, if they are “configured with an SAML SP or IdP configuration to be affected”. SAML is an authentication protocol; IdP stands for “identity provider”.

The company has provided updated software to fix the issue.

The NSA’s advisory [pdf] states that exploits “can facilitate illegitimate access to targeted organizations by bypassing normal authentication controls”.

It offered guidance on “steps organisations can take to look for possible artifacts of this type of activity”.

These include checking the integrity of executables in their Citrix environment by comparing MD5 hashes to known good binaries; checking logs for markers of APT5 activity; and using NSA-provided YARA signatures that can detect known APT5 malware.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
adcapt5citrixsecurity

Sponsored Whitepapers

Using Cloud-Based, AI-Driven Management to Improve Network Operations
Using Cloud-Based, AI-Driven Management to Improve Network Operations
The Business Value of AIOps-Driven Network Management
The Business Value of AIOps-Driven Network Management
The AI-Driven Campus: Using artificial intelligence for the campus networks of the next decade
The AI-Driven Campus: Using artificial intelligence for the campus networks of the next decade
Bringing AI To Enterprise Networking: The Journey to better experiences with AIOps
Bringing AI To Enterprise Networking: The Journey to better experiences with AIOps
Adjusting to a New Era in Ransomware Risk
Adjusting to a New Era in Ransomware Risk

Events

Most Read Articles

AFP arrests four over crypto, investment scams

AFP arrests four over crypto, investment scams
Gov sets target to make Australia "most cyber secure country" by 2030

Gov sets target to make Australia "most cyber secure country" by 2030
Telstra blames privacy breach on 'database misalignment'

Telstra blames privacy breach on 'database misalignment'
CLOUD Act treaty should be ratified, says committee

CLOUD Act treaty should be ratified, says committee

Digital Nation

Cover Story: The business of gaming will reshape marketing, technology
Cover Story: The business of gaming will reshape marketing, technology
Case study: Transurban uses automation to detect road incidents
Case study: Transurban uses automation to detect road incidents
Meta threatens to take news off its platform in the US. Yep, we're here again
Meta threatens to take news off its platform in the US. Yep, we're here again
Case study: How La Trobe University sets its data students up for success
Case study: How La Trobe University sets its data students up for success
Case Study: How HCF reengaged its customers through data and analytics
Case Study: How HCF reengaged its customers through data and analytics

Log In

  |  Forgot your password?