CVE-2020-8195
MEDIUM KEV RANSOMWARE
Citrix ADC/Gateway <13.0-58.30 - Info Disclosure
Title source: llm
Exploitation Summary
CVE-2020-8195 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added November 3, 2021, with confirmed use in ransomware campaigns.
Description
Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in limited information disclosure to low privileged users.
References (3)
Core References
Vendor Advisory x_refsource_misc
https://support.citrix.com/article/CTX276688
Exploit, Third Party Advisory, VDB Entry x_refsource_misc
http://packetstormsecurity.com/files/160047/Citrix-ADC-NetScaler-Local-File-Inclusion.html
US Government Resource
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-8195
Scores
CVSS v3: 6.5
EPSS: 0.8034
EPSS Percentile: 99.2%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation: active
Automatable: no
Technical Impact: partial
Details
CISA KEV: 2021-11-03
VulnCheck KEV: 2020-09-15
InTheWild.io: 2021-07-23
ENISA EUVD: EUVD-2020-29072
Ransomware Use: Confirmed
CWE: CWE-22, CWE-20
Status: published
Products (5)
citrix/application_delivery_controller_firmware: 10.5 - 10.5-70.18
citrix/gateway_firmware: 13.0 - 13.0-58.30
citrix/gateway_plug-in_for_linux: < 1.0.0.137
citrix/netscaler_gateway_firmware: 10.5 - 10.5-70.18
citrix/sd-wan_wanop: 10.2 - 10.2.7
Published: Jul 10, 2020
KEV Added: Nov 03, 2021
Tracked Since: Feb 18, 2026