Description of Problem
A vulnerability has been discovered in Citrix Gateway Plug-in for Windows (Citrix Secure Access for Windows). If exploited, this issue would allow an adversary, who has gained local access to a computer with Citrix Gateway Plug-in installed, to corrupt or delete files as SYSTEM. This issue has the following identifier:
CVE-ID | Description | CWE | Pre-conditions |
CVE-2022-21827 | Arbitrary corruption or deletion of files as SYSTEM | CWE-284: Improper Access Control | Local access to a machine that has the vulnerable plug-in installed |
The following supported versions of Citrix Gateway Plug-in for Windows (Citrix Secure Access for Windows) are affected by this vulnerability:
- Citrix Gateway Plug-in for Windows versions before 21.9.1.2
What Customers Should Do
This issue has been addressed in the following versions of Citrix Gateway Plug-in for Windows (Citrix Secure Access for Windows):
- Citrix Gateway Plug-in for Windows version 21.9.1.2 and later releases
Citrix recommends that affected customers upgrade the Citrix Gateway Plug-in installed on their endpoints by taking the following actions as their patching schedule allows:
- If Citrix Gateway Plug-in is distributed via the SSL VPN upgrade control feature of Citrix ADC or Citrix Gateway:
  Check the version of Citrix Gateway Plug-in for Windows that is being distributed by each Citrix ADC or Citrix Gateway instance. This can be done using either the GUI or by viewing the file located at /var/netscaler/gui/vpn/pluginlist.xml. If it is a vulnerable version, customers must either:
  - upgrade the Citrix ADC or Gateway firmware to a version that includes a fixed version of the Plug-in. A fixed version of Citrix Gateway Plug-in for Windows is included in the following versions of Citrix ADC and Citrix Gateway:
    - Citrix ADC and Citrix Gateway 13.1-4.44 and later releases
    - Citrix ADC and Citrix Gateway 13.0-83.29 and later releases
    - Citrix ADC and Citrix Gateway 12.1-63.22 and later releases
    - Citrix ADC and Citrix Gateway 12.1-FIPS 12.1-55.277 and later releases
    - Citrix ADC and Citrix Gateway 12.1-NDcPP 12.1-55.276 and later releases
  - directly replace the vulnerable plug-in on the Citrix ADC or Gateway firmware without upgrading the firmware by following the instructions at: https://www.citrix.com/downloads/citrix-gateway/plug-ins/citrix-secure-access-client-for-windows.html. Note that this option is currently only available on Citrix ADC and Citrix Gateway 13.1 or 13.0-76.31 and above.
  Information about the upgrade control feature is detailed at: https://docs.citrix.com/en-us/citrix-gateway/13/vpn-user-config/how-users-connect-with-gateway-plugin.html#control-upgrade-of-citrix-gateway-plug-ins
- If Citrix Gateway Plug-in is distributed/upgraded directly onto users' devices:
  Customers must install a fixed Plug-in on their users' devices by downloading it from https://www.citrix.com/downloads/citrix-gateway/plug-ins/citrix-secure-access-client-for-windows.html
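As an added example (not Citrix's own tooling), the following script applies the two checks described above: whether the Windows plug-in version an ADC or Gateway distributes is before the fixed 21.9.1.2, and whether a mainline ADC/Gateway build is one of the fixed builds listed. The layout of pluginlist.xml is not documented on this page, so the embedded sample and its `<plugin platform= version=>` schema are assumptions; the 12.1-FIPS and 12.1-NDcPP thresholds are not modelled.

```python
import re
import xml.etree.ElementTree as ET

# Fixed plug-in version from the advisory (CVE-2022-21827).
FIXED_PLUGIN_VERSION = "21.9.1.2"

# Minimum mainline ADC/Gateway builds shipping a fixed plug-in, per branch,
# taken from the advisory. 12.1-FIPS and 12.1-NDcPP use different thresholds
# and are deliberately left out.
FIXED_FIRMWARE = {"13.1": (4, 44), "13.0": (83, 29), "12.1": (63, 22)}

# Constructed sample standing in for /var/netscaler/gui/vpn/pluginlist.xml.
# The real file's schema is NOT given on this page; this layout is assumed.
SAMPLE_PLUGINLIST = """<plugins>
  <plugin name="Citrix Gateway Plug-in" platform="windows" version="21.7.1.1"/>
  <plugin name="Citrix Gateway Plug-in" platform="macos" version="21.8.0.3"/>
</plugins>"""


def version_tuple(v):
    """'21.9.1.2' -> (21, 9, 1, 2): compare numerically, so 21.10 > 21.9."""
    return tuple(int(p) for p in v.strip().split("."))


def plugin_is_vulnerable(version):
    """True if the Windows plug-in version is before the fixed 21.9.1.2."""
    return version_tuple(version) < version_tuple(FIXED_PLUGIN_VERSION)


def windows_plugin_version(xml_text):
    """Extract the Windows plug-in version from the assumed pluginlist.xml layout."""
    root = ET.fromstring(xml_text)
    for plugin in root.iter("plugin"):
        if plugin.get("platform", "").lower() == "windows":
            return plugin.get("version")
    return None


def firmware_is_fixed(build):
    """Check a mainline build string such as '13.0-83.29' against the fixed
    builds in the advisory. Returns None for a branch not in the table."""
    m = re.fullmatch(r"(\d+\.\d+)-(\d+)\.(\d+)", build.strip())
    if not m:
        raise ValueError(f"unrecognised build string: {build!r}")
    branch, major, minor = m.group(1), int(m.group(2)), int(m.group(3))
    if branch not in FIXED_FIRMWARE:
        return None
    return (major, minor) >= FIXED_FIRMWARE[branch]


if __name__ == "__main__":
    ver = windows_plugin_version(SAMPLE_PLUGINLIST)
    print(f"distributed Windows plug-in {ver}: vulnerable={plugin_is_vulnerable(ver)}")
    for b in ("13.0-82.45", "13.0-83.29", "13.1-4.44", "12.1-62.27"):
        print(f"firmware {b}: fixed={firmware_is_fixed(b)}")
```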
Changelog
Date | Change |
2022-04-12 | Initial Publication |