Citrix Patches ADM Account Takeover Vulnerability 

June 15, 2022  


Citrix has patched an improper access control vulnerability affecting the Application Delivery Management solution (Citrix ADM), which may lead to an account takeover. 

The Vulnerability

  • CVE-2022-27511 – Corruption of the system by a remote, unauthenticated user, potentially leading to a reset of the administrator password; an attacker with SSH access could then connect with the default administrator credentials after the device has rebooted.

Note that in order to exploit this vulnerability, the attacker requires network access to the ADM IP address.

Affected Products

  • Citrix ADM 13.1: before 13.1-21.53. 
  • Citrix ADM 13.0: before 13.0-85.19. 
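Checking an ADM estate against the fixed builds above is a matter of comparing Citrix's "major.minor-build.sub" strings numerically rather than lexically (a naive string comparison would rank 13.0-9.x above 13.0-85.x). The following is an added example, not code from Citrix or CYREBRO; the fixed-build table is taken from the list above, the hostnames and installed versions are constructed sample input, and release lines the advisory does not cover (for example 12.x) are reported as "not covered" rather than guessed at.

```python
import re
from typing import Dict, Iterable, List, Optional, Tuple

# Fixed builds for CVE-2022-27511, per release line (values from the advisory's "Affected Products").
FIXED_BUILDS: Dict[str, str] = {
    "13.1": "13.1-21.53",
    "13.0": "13.0-85.19",
}

# Citrix ADM build strings look like "13.0-85.19": major.minor-build.sub
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)-(\d+)\.(\d+)$")


def parse_version(version: str) -> Tuple[int, ...]:
    """Parse an ADM build string into a tuple of ints so it compares numerically."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised Citrix ADM version string: {version!r}")
    return tuple(int(g) for g in m.groups())


def is_vulnerable(version: str) -> Optional[bool]:
    """True if the build predates the fixed build for its release line,
    False if it is the fixed build or later, None if the advisory does not
    cover that release line (no claim is made either way)."""
    parsed = parse_version(version)
    line = f"{parsed[0]}.{parsed[1]}"
    fixed = FIXED_BUILDS.get(line)
    if fixed is None:
        return None
    return parsed < parse_version(fixed)


def triage(inventory: Iterable[Tuple[str, str]]) -> List[Tuple[str, str, str]]:
    """Classify (hostname, version) pairs as 'patch-required', 'fixed',
    'not-covered', or 'unparseable' so a defender can act on the list."""
    results = []
    for host, version in inventory:
        try:
            state = is_vulnerable(version)
        except ValueError:
            results.append((host, version, "unparseable"))
            continue
        if state is None:
            status = "not-covered"
        elif state:
            status = "patch-required"
        else:
            status = "fixed"
        results.append((host, version, status))
    return results


# Constructed sample inventory (hypothetical hosts and builds, not real data).
SAMPLE_INVENTORY = [
    ("adm-prod-01", "13.0-84.11"),
    ("adm-prod-02", "13.0-85.19"),
    ("adm-lab-01", "13.1-9.30"),
    ("adm-lab-02", "13.1-21.53"),
    ("adm-legacy", "12.1-64.17"),
    ("adm-broken", "unknown"),
]

if __name__ == "__main__":
    for host, version, status in triage(SAMPLE_INVENTORY):
        print(f"{host:12} {version:12} {status}")
```

Hosts reported as "patch-required" should be updated before anything else; "not-covered" hosts are outside the advisory's scope and need a separate check against Citrix's lifecycle information rather than an assumption that they are safe.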

Mitigation

CYREBRO recommends updating affected Citrix ADM deployments to the fixed builds listed above (13.1-21.53 or 13.0-85.19) or to the latest available version.

References: Citrix Advisory. 
