Citrix — Vulnerabilities & Security Advisories 38

Browse all 38 CVE security advisories affecting Citrix. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Citrix Systems provides virtualization and remote access solutions, primarily enabling secure delivery of applications and desktops to users across networks. Its portfolio, including Virtual Apps and Desktops, is critical for enterprise workforce flexibility but has historically attracted significant security scrutiny. The platform has been associated with numerous Common Vulnerabilities and Exposures, including thirty-eight recorded instances, often involving remote code execution, cross-site scripting, and privilege escalation flaws. These vulnerabilities frequently stem from complex integration points and legacy components within its architecture. Notably, the 2023 breach involving the MOVEit Transfer software, though technically a separate entity, highlighted broader supply chain risks affecting the ecosystem. Security researchers emphasize that improper configuration and delayed patching of these known weaknesses have facilitated unauthorized access, underscoring the necessity for rigorous vulnerability management and continuous monitoring to mitigate exposure to sophisticated threat actors targeting remote access infrastructure.

| CVE ID | Title | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2022-27518 | Unauthenticated remote arbitrary code execution — Citrix Gateway, Citrix ADC | CWE-664 | 9.8 | Critical | 2022-12-13 |
| CVE-2022-27516 | User login brute force protection functionality bypass — Citrix Gateway, Citrix ADC | CWE-693 | 5.3 | Medium | 2022-11-08 |
| CVE-2022-27510 | Unauthorized access to Gateway user capabilities — Citrix Gateway, Citrix ADC | CWE-288 | 9.8 | Critical | 2022-11-08 |
| CVE-2022-27513 | Remote desktop takeover via phishing — Citrix Gateway, Citrix ADC | CWE-345 | 8.3 | High | 2022-11-08 |
| CVE-2022-27512 | Temporary disruption of the ADM license service — Citrix Application Delivery Management (Citrix ADM) | CWE-664 | 5.3 | - | 2022-06-16 |
| CVE-2022-27511 | Corruption of the system by a remote, unauthenticated user potentially leading to the reset of the administrator password — Citrix Application Delivery Management (Citrix ADM) | CWE-284 | 9.8 | - | 2022-06-16 |
| CVE-2022-27503 | Citrix Systems Citrix StoreFront Server cross-site scripting vulnerability — StoreFront | CWE-79 | 6.1 | - | 2022-04-13 |
| CVE-2022-26355 | Citrix Federated Authentication Service (FAS) — Federated Authentication Service (FAS) | CWE-668 | 4.4 | - | 2022-03-09 |

This page lists every published CVE security advisory associated with Citrix. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.