Issue
A vulnerability has been discovered in Citrix Gateway Plug-in for Windows (Citrix Secure Access for Windows). If exploited, this issue would allow an adversary, who has gained local access to a computer with Citrix Gateway Plug-in installed, to corrupt or delete files as SYSTEM. This issue has the following identifier:
| CVE-ID | Description | CWE | Pre-Conditions |
| --- | --- | --- | --- |
| CVE-2022-21827 | Arbitrary corruption or deletion of files as SYSTEM | CWE-284: Improper Access Control | Local access to a machine that has the vulnerable plug-in installed |
To review all 4 Citrix vulnerabilities announced on April 12th, please read our digest.
Affected versions
The following supported versions of Citrix Gateway Plug-in for Windows (Citrix Secure Access for Windows) are affected by this vulnerability:
- Citrix Gateway Plug-in for Windows versions before 21.9.1.2
Recommended Action
This issue has been addressed in the following versions of Citrix Gateway Plug-in for Windows (Citrix Secure Access for Windows):
- Citrix Gateway Plug-in for Windows version 21.9.1.2 and later releases
Citrix recommends that affected customers upgrade the Citrix Gateway Plug-in installed on their endpoints by taking the following actions as their patching schedule allows:
- If Citrix Gateway Plug-in is distributed via the SSL VPN upgrade control feature of Citrix ADC or Citrix Gateway, check the version of Citrix Gateway Plug-in for Windows that is being distributed by each Citrix ADC or Citrix Gateway instance. This can be done using either the GUI or by viewing the file located at /var/netscaler/gui/vpn/pluginlist.xml. If it is a vulnerable version, customers must either:
  - Upgrade the Citrix ADC or Gateway firmware to a version that includes a fixed version of the Plug-in:
    - Citrix ADC and Citrix Gateway 13.1-4.44 and later releases
    - Citrix ADC and Citrix Gateway 13.0-83.29 and later releases
    - Citrix ADC and Citrix Gateway 12.1-63.22 and later releases
    - Citrix ADC and Citrix Gateway 12.1-FIPS 12.1-55.277 and later releases
    - Citrix ADC and Citrix Gateway 12.1-NDcPP 12.1-55.276 and later releases
  - Or, directly replace the vulnerable plug-in on the Citrix ADC or Gateway firmware without upgrading the firmware by following the instructions at: https://www.citrix.com/downloads/citrix-gateway/plug-ins/citrix-secure-access-client-for-windows.html. Note that this option is currently only available on Citrix ADC and Citrix Gateway 13.1 or 13.0-76.31 and above. Information about the upgrade control feature is detailed at: https://docs.citrix.com/en-us/citrix-gateway/13/vpn-user-config/how-users-connect-with-gateway-plugin.html#control-upgrade-of-citrix-gateway-plug-ins
- If Citrix Gateway Plug-in is distributed/upgraded directly onto users’ devices, customers must install a fixed Plug-in on their users’ devices by downloading it from https://www.citrix.com/downloads/citrix-gateway/plug-ins/citrix-secure-access-client-for-windows.html
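The version checks in the steps above can be scripted across a fleet. The following is an added example, not code from Citrix or from the original page: the thresholds come from the advisory, while the function names and the sample inventory are assumptions constructed for illustration.

```python
import re

FIXED_PLUGIN = (21, 9, 1, 2)  # first fixed plug-in version, from the advisory
# First firmware builds bundling a fixed plug-in, keyed by (branch, edition).
FIXED_FIRMWARE = {
    ("13.1", ""): (4, 44),
    ("13.0", ""): (83, 29),
    ("12.1", ""): (63, 22),
    ("12.1", "FIPS"): (55, 277),
    ("12.1", "NDcPP"): (55, 276),
}

def plugin_is_vulnerable(version):
    """Numeric compare, so 21.10.0.1 sorts after 21.9.1.2 (a string compare would not)."""
    return tuple(int(p) for p in version.strip().split(".")) < FIXED_PLUGIN

def _split(release):
    """'13.0-83.29' -> ('13.0', (83, 29))"""
    m = re.fullmatch(r"(\d+\.\d+)-(\d+)\.(\d+)", release.strip())
    if not m:
        raise ValueError(f"unrecognised firmware release: {release!r}")
    return m.group(1), (int(m.group(2)), int(m.group(3)))

def firmware_bundles_fix(release, edition=""):
    """True/False, or None when the branch is not one the advisory lists."""
    branch, build = _split(release)
    minimum = FIXED_FIRMWARE.get((branch, edition))
    return None if minimum is None else build >= minimum

def can_replace_plugin_directly(release):
    """Advisory: replacement without a firmware upgrade needs 13.1, or 13.0-76.31 and above."""
    branch, build = _split(release)
    return branch == "13.1" or (branch == "13.0" and build >= (76, 31))

def triage(release, plugin_version):
    """Action for one appliance, given the plug-in version it distributes."""
    if not plugin_is_vulnerable(plugin_version):
        return "ok"
    if can_replace_plugin_directly(release):
        return "upgrade firmware or replace plug-in"
    return "upgrade firmware"

# Constructed sample inventory: (appliance, firmware release, distributed plug-in version)
INVENTORY = [
    ("adc-a", "13.0-82.45", "21.7.1.1"),
    ("adc-b", "12.1-62.27", "20.11.3.1"),
    ("adc-c", "13.1-4.44", "21.9.1.2"),
]

if __name__ == "__main__":
    for name, release, plugin in INVENTORY:
        print(f"{name}: {triage(release, plugin)}")
```

`firmware_bundles_fix` returns `None` for branches the advisory does not list, so those appliances are surfaced for manual review instead of being silently treated as fixed or vulnerable.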
More Information
https://support.citrix.com/article/CTX341455
For assistance from the Kraft Kennedy team, please contact us.