CVE-2022-27510: Critical Citrix ADC and Gateway Remote Authentication Bypass Vulnerabilities

On November 8, 2022, Citrix published Citrix Gateway and Citrix ADC Security Bulletin for CVE-2022-27510 CVE-2022-27513 and CVE-2022-27516 announcing fixes for three vulnerabilities:

• CVE-2022-27510 “Unauthorized access to Gateway user capabilities”
• CVE-2022-27513 “Remote desktop takeover via phishing”
• CVE-2022-27516 “User login brute force protection functionality bypass”

The most notable vulnerability, CVE-2022-27510, is

adc authentication authentication bypass bypass citrix citrix adc critical cve emergent threat response gateway vulnerabilities