Citrix Patches Zero Day in ADC and Gateway CVE-2022-27518...
Citrix Patches Zero Day in ADC and Gateway CVE-2022-27518 On December 13, Citrix published an advisory for a vulnerability affecting several versions of Gateway and Application Delivery Controller products. Threat actors have been exploiting the vulnerability. CVE-2022-27518 is an unauthenticated remote code execution vulnerability in several versions of Citrix ADC and Citrix Gateway. Affected devices are vulnerable when configured as a SAML (Security Assertion Markup Language service provider (SP) or Identity Provider (IdP). For more information about the vulnerability, including the availability of patches and Tenable product coverage, please visit our blog.