APT5, a Chinese threat group, has used a newly discovered flaw (CVE-2022-27518) in Citrix ADC and Gateway to target a small number of organizations.
Attackers have historically exploited vulnerabilities in Citrix Gateway and ADC to target organizations.
Citrix has released software mitigations to help prevent DDoS attacks using its ADC and Gateway appliances.
Citrix has released patches for the CVE-2019-19781 vulnerability in its ADC and Gateway appliances.
Citrix and FireEye Mandiant have released a scanner that can detect some indicators of compromise related to the CVE-2019-19781 vulnerability.