Chinese Hackers Exploit Citrix Vulnerabilities

According to a report dated December 19, 2022, attackers belonging to other Chinese APT groups, such as APT5, are using significant vulnerabilities in a networking appliance used to ensure the availability of clinical applications and a virtual private network, each manufactured by the company Citrix. The products, Citrix Application Delivery Controller and Gateway, are used in the healthcare sector to balance network demands on applications such as electronic health records and for remote access. The vulnerabilities would allow a remote attacker to "completely" compromise a target system. The company urges customers to upgrade all vulnerable instances of their Citrix platforms. 

To follow the editor's process of patching the vulnerability (mentionned by the source) and applying it as soon as it is available, please go here: https://support.citrix.com/article/CTX474995/citrix-adc-and-citrix-gateway-security-bulletin-for-cve202227518. 

The impact of these unpatched vulnerabilities could be severe. Indeed, their use by Chinese APTs could compromise any system using CITRIX products in the healthcare sector even in Europe. Compromised systems could result in the theft of sensitive data and research or the disruption of the systems themselves. 

Read more about it : here