Skip to main content

CVE-2022-27518

CRITICAL
Improper Control of a Resource Through its Lifetime (CWE-664)
2022-12-13 secure@citrix.com
9.8
CVSS 3.1
Share

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

3
Analysis Generated
Mar 26, 2026 - 11:19 vuln.today
Added to CISA KEV
Feb 25, 2026 - 13:46 cisa
CISA KEV
CVE Published
Dec 13, 2022 - 17:15 nvd
CRITICAL 9.8

DescriptionNVD

Unauthenticated remote arbitrary code execution

AnalysisAI

Citrix ADC and Gateway contain an unauthenticated remote code execution vulnerability exploited by APT5 (Chinese state-sponsored) in zero-day attacks against critical infrastructure in December 2022.

Technical ContextAI

The CWE-664 improper control of a resource vulnerability in Citrix ADC/Gateway's SAML service provider or identity provider configuration allows unauthenticated remote code execution. The technical details were limited in disclosure to slow exploitation.

Affected ProductsAI

Citrix ADC and Gateway (when configured as SAML SP or IdP)

RemediationAI

Apply Citrix security updates. Review SAML configuration. Check for indicators of APT5 compromise. Conduct thorough incident response if running an affected configuration during the exploitation window.

Share

CVE-2022-27518 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy