CTX341455

Citrix Gateway Plug-in for Windows Security Bulletin for CVE-2022-21827

Applicable Products

  • Citrix ADC
  • Citrix Gateway

Description of Problem

A vulnerability has been discovered in Citrix Gateway Plug-in for Windows (Citrix Secure Access for Windows). If exploited, this issue would allow an adversary, who has gained local access to a computer with Citrix Gateway Plug-in installed, to corrupt or delete files as SYSTEM. This issue has the following identifier: 

CVE-ID:         CVE-2022-21827
Description:    Arbitrary corruption or deletion of files as SYSTEM
CWE:            CWE-284: Improper Access Control
Pre-conditions: Local access to a machine that has the vulnerable plug-in installed

The following supported versions of Citrix Gateway Plug-in for Windows (Citrix Secure Access for Windows) are affected by this vulnerability: 

  • Citrix Gateway Plug-in for Windows versions before 21.9.1.2 


What Customers Should Do

This issue has been addressed in the following versions of Citrix Gateway Plug-in for Windows (Citrix Secure Access for Windows): 

  • Citrix Gateway Plug-in for Windows version 21.9.1.2 and later releases 

Citrix recommends that affected customers upgrade the Citrix Gateway Plug-in installed on their endpoints by taking the following actions as their patching schedule allows:

  1. If Citrix Gateway Plug-in is distributed via the SSL VPN upgrade control feature of Citrix ADC or Citrix Gateway:

Check the version of Citrix Gateway Plug-in for Windows that is being distributed by each Citrix ADC or Citrix Gateway instance. This can be done using either the GUI or by viewing the file located at /var/netscaler/gui/vpn/pluginlist.xml. If it is a vulnerable version, customers must either:

  • upgrade the Citrix ADC or Gateway firmware to a version that includes a fixed version of the Plug-in. 

A fixed version of Citrix Gateway Plug-in for Windows is included in the following versions of Citrix ADC and Citrix Gateway:  

  • Citrix ADC and Citrix Gateway 13.1-4.44 and later releases   

  • Citrix ADC and Citrix Gateway 13.0-83.29 and later releases  

  • Citrix ADC and Citrix Gateway 12.1-63.22 and later releases  

  • Citrix ADC and Citrix Gateway 12.1-FIPS 12.1-55.277 and later releases   

  • Citrix ADC and Citrix Gateway 12.1-NDcPP 12.1-55.276 and later releases  

Information about the upgrade control feature is detailed at: https://docs.citrix.com/en-us/citrix-gateway/13/vpn-user-config/how-users-connect-with-gateway-plugin.html#control-upgrade-of-citrix-gateway-plug-ins

  2. If Citrix Gateway Plug-in is distributed/upgraded directly onto users' devices:

Customers must install a fixed Plug-in on their users' devices by downloading it from https://www.citrix.com/downloads/citrix-gateway/plug-ins/citrix-secure-access-client-for-windows.html  
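The version checks behind the two steps above, as an added example that is not Citrix's own tooling: it encodes the fixed plug-in version (21.9.1.2) and the first fixed Citrix ADC/Gateway build per release line from this bulletin, and compares versions numerically rather than as strings (so 21.10.x is correctly treated as newer than 21.9.x). The plug-in version strings are whatever the administrator reads out of pluginlist.xml or the GUI; the layout of the appliance's "show ns version" banner that the last function parses is an assumption and may need adjusting.

```python
"""Compare Citrix Gateway Plug-in and ADC/Gateway versions against the fixed
releases listed in CTX341455 (added example, not Citrix code)."""
import re

# Fixed plug-in version from the bulletin: 21.9.1.2 and later are fixed.
FIXED_PLUGIN = (21, 9, 1, 2)

# First fixed ADC/Gateway build per release line, from the bulletin.
# Key is (release, variant); variant is "" for the standard line.
FIXED_FIRMWARE = {
    ("13.1", ""): (4, 44),
    ("13.0", ""): (83, 29),
    ("12.1", ""): (63, 22),
    ("12.1", "FIPS"): (55, 277),
    ("12.1", "NDcPP"): (55, 276),
}


def parse_version(text):
    """'21.9.1.2' -> (21, 9, 1, 2); tuples compare numerically, unlike strings."""
    return tuple(int(part) for part in text.strip().split("."))


def plugin_is_fixed(version):
    """True when the plug-in version is 21.9.1.2 or later."""
    return parse_version(version) >= FIXED_PLUGIN


def firmware_is_fixed(release, build, variant=""):
    """True when build (e.g. '83.29') is at or above the first fixed build for
    that release line. A 12.1 FIPS or NDcPP box must pass variant, because its
    55.x builds would otherwise look older than the standard 12.1 fix (63.22).
    Release lines not listed in the bulletin are reported as not fixed."""
    fixed = FIXED_FIRMWARE.get((release, variant))
    if fixed is None:
        return False
    return parse_version(build) >= fixed


# Assumed layout of the 'show ns version' banner, e.g.
# "NetScaler NS13.0: Build 83.29.nc, Date: ..."; adjust if yours differs.
_NS_VERSION = re.compile(r"NS(\d+\.\d+):\s*Build\s+(\d+\.\d+)")


def firmware_is_fixed_from_banner(banner, variant=""):
    """Parse a version banner and return (release, build, fixed?)."""
    match = _NS_VERSION.search(banner)
    if not match:
        raise ValueError("unrecognised version banner: %r" % banner)
    release, build = match.group(1), match.group(2)
    return release, build, firmware_is_fixed(release, build, variant)
```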


Acknowledgements

Citrix thanks Brecht Snijders for working with us to protect Citrix customers.

What Citrix is Doing

Citrix is notifying customers and channel partners about this potential security issue through the publication of this security bulletin on the Citrix Knowledge Center at https://support.citrix.com/securitybulletins.

Obtaining Support on This Issue

If you require technical assistance with this issue, please contact Citrix Technical Support. Contact details for Citrix Technical Support are available at https://www.citrix.com/support/open-a-support-case.

Subscribe to Receive Alerts

Citrix strongly recommends that all customers subscribe to receive alerts when a Citrix security bulletin is created or modified at https://support.citrix.com/user/alerts.

Reporting Security Vulnerabilities to Citrix

Citrix welcomes input regarding the security of its products and considers any and all potential vulnerabilities seriously. For details on our vulnerability response process and guidance on how to report security-related issues to Citrix, please see the following webpage: https://www.citrix.com/about/trust-center/vulnerability-process.html.

Disclaimer

This document is provided on an "as is" basis and does not imply any kind of guarantee or warranty, including the warranties of merchantability or fitness for a particular use. Your use of the information on the document is at your own risk. Citrix reserves the right to change or update this document at any time. Customers are therefore recommended to always view the latest version of this document directly from the Citrix Knowledge Center.

Changelog

Date        Change
2022-04-12  Initial Publication