Critical vulnerabilities affecting Citrix StoreFront, SD WAN, XenMobile Server, and Gateway Plug-in

Citrix announced the release of security patches for multiple vulnerabilities present in some of its products, including a severe issue in SD-WAN. Tracked as CVE-2022-27505, this flaw was described as a reflected cross-site scripting (XSS) error that exists because the input is not properly neutralized during web page generation.

These flaws were also disclosed through the Cybersecurity and Infrastructure Security Agency (CISA), whose message notes that successful exploitation would allow threat actors to take control of the affected systems.

Citrix SD-WAN is a solution for optimized application delivery on a secure WAN, ensuring secure access to applications. The report notes that standard and premium editions of SD-WAB devices prior to v11.4.3a are vulnerable to this flaw.

This update will also address CVE-2022-27506, a low-severity security flaw that would have allowed administrative users to use encrypted credentials to access the shell via the SD-WAN CLI.

Shortly before, the company also fixed an XSS bug in StoreFront tracked as CVE-2022-27503, and a corruption or arbitrary file deletion flaw in the Gateway Plug-in tracked as CVE-2022-21827.

Finally, Citrix addressed three vulnerabilities in Endpoint Management (XenMobile Server). Tracked as CVE-2021-44519, CVE-2021-44520, and CVE-2022-26151, their successful exploitation would allow threat actors to gain unauthorized access to the underlying operating system.

Citrix recommends that users of affected deployments upgrade to the latest version of their products. A corrected version of the Gateway Plug-in for Windows can be found in the latest versions of Citrix ADC and Gateway.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.