VULNERABILITY ADVISORY

CITRIX

June 15, 2022

TCS Public
Page 1 of 8
Table of Contents
1. Purpose ............................................................................................................................................................ 3
2. Introduction ..................................................................................................................................................... 4
3. Technical Details ............................................................................................................................................... 5
4. Mitigation Measures ........................................................................................................................................ 6
5. References ........................................................................................................................................................ 7

TCS Public
Page 2 of 8
1. Purpose

This document is to create awareness about ongoing cyber events.

TCS Public
Page 3 of 8
2. Introduction
On 14th June, Citrix released security updates to address multiple vulnerabilities in Application Delivery
Management (Citrix ADM). The most severe of which could allow for corruption of the system by a remote,
unauthenticated user. An attacker could exploit some of these vulnerabilities to take control of an affected
system.

Release Date: 15th June 2022

CVE Detail:
• CVE-2022-27511
• CVE-2022-27512

Affected Products:
• Citrix ADM 13.1 before 13.1-21.53
• Citrix ADM 13.0 before 13.0-85.19

Distribution Method: Vulnerability Exploitation

TCS Public
Page 4 of 8
3. Technical Details
Multiple Vulnerabilities have been discovered in the Citrix Application Delivery Management (Citrix ADM). The
most severe of which could allow for corruption of the system by a remote, unauthenticated user or even
temporary system disruptions.

• CVE-2022-27511: This vulnerability leads to Corruption of the system by a remote, unauthenticated user.
The impact of this can include the reset of the administrator password at the next device reboot, allowing
an attacker with SSH access to connect with the default administrator credentials after the device has
rebooted.

• CVE-2022-27512: This vulnerability leads to Temporary disruption of the ADM license service. The impact
of this includes preventing new licenses from being issued or renewed by Citrix ADM.

TCS Public
Page 5 of 8
4. Mitigation Measures
An organization should always be well prepared for the forthcoming incidents that may approach possessing
harmful instincts such as cyber-attacks. To tackle those attacks at the initial level, following are certain points
that needs to be followed by any organization so as to reduce the risk of loss from the occurrence of any
undesirable event.
• Citrix strongly recommends that network traffic to the Citrix ADM’s IP address is segmented, either
physically or logically, from standard network traffic. Doing so diminishes the risk of exploitation of these
issues.
• Citrix recommends that affected customers install the relevant updated versions of Citrix ADM server and
Citrix ADM agent as soon as possible:
• Citrix ADM 13.1-21.53 and later versions of 13.1
• Citrix ADM 13.0-85.19 and later versions of 13.0
• Apply appropriate patches or appropriate mitigations provided by Citrix to vulnerable systems
immediately after appropriate testing.
• Run all software as a non-privileged user (one without administrative privileges) to diminish the effects of
a successful attack
• Remind users not to visit un-trusted websites or follow links provided by unknown or un-trusted sources.
• Inform and educate users regarding the threats posed by hypertext links contained in emails or
attachments especially from un-trusted sources.
• Apply the Principle of Least Privilege to all systems and services.

TCS Public
Page 6 of 8
5. References
• https[:]//support[.]citrix[.]com/article/CTX460016/citrix-application-delivery-management-security-
bulletin-for-cve202227511-and-cve202227512
• https[:]//www[.]cisa[.]gov/uscert/ncas/current-activity/2022/06/14/citrix-releases-security-updates-
application-delivery-management

TCS Public
Page 7 of 8
 Tata Consultancy Services is a purpose-led transformation partner to many of the world’s
largest businesses. For more than 50 years, it has been collaborating with clients and
communities to build a greater future through innovation and collective knowledge.
TCS offers an integrated portfolio of cognitive powered business, technology, and engineering
services and solutions. The company’s 469,000 consultants in 46 countries help empower
individuals, enterprises, and societies to build on belief.

Visit www.tcs.com and follow TCS news at @TCS_News.

This report is for informational purposes only. This material is prepared by TCS (Tata Consultancy Services). This material
may contain information sourced from publicly available information or other third-party sources. It is highly
recommended to do a Risk Assessment before taking any action. TCS does not provide any warranties of any kind
regarding any information contained within.