CVE-2022-27510

CRITICAL EXPLOITED IN THE WILD RANSOMWARE

Citrix Gateway 12.1-<12.1-65.21 - Unauthenticated Improper Authentication

Title source: llm

CVE-2022-27510 has been observed exploited in the wild (reported by VulnCheck KEV, InTheWild.io), including in ransomware campaigns.

Unauthorized access to Gateway user capabilities

Core 1

Core References

Vendor Advisory

CVSS v3 9.8

EPSS 0.0118

EPSS Percentile 79.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

VulnCheck KEV 2023-01-13

InTheWild.io 2023-01-13

Ransomware Use Confirmed

CWE

CWE-287 CWE-288

Status published

Products (3)

citrix/application_delivery_controller_firmware 12.1 - 12.1-55.289 (2 CPE variants)

citrix/application_delivery_controller_firmware 12.1 - 12.1-65.21

citrix/gateway 12.1 - 12.1-65.21

Published Nov 08, 2022

Tracked Since Feb 18, 2026