Experts say many Citrix ADC and Gateway servers are still vulnerable to serious vulnerabilities that the company reportedly fixed a few weeks ago.

In early November 2022, Citrix discovered and patched the “Unauthorized Access to Gateway User Capabilities” vulnerability, since tracked as CVE-2022-27510. By affecting both products, it allows an attacker to gain authorized access to the targeted endpoints (opens in a new tab)remotely take control of devices and bypass device protection against brute force login.