Thousands of Citrix servers could be at risk of attack

Many Citrix ADC and Gateway servers remain vulnerable to high-severity flaws that were reportedly patched by the company weeks ago, experts have claimed.

In early November 2022, Citrix uncovered and patched an “Unauthorized access to Gateway user capabilities” flaw, since tracked as CVE-2022-27510. Affecting both products, it allows an attacker to gain authorized access to target endpoints, take over the devices remotely, and bypass the device’s brute force login protection.