Targeting of Citrix Systems software
Date of report
  • December 2022
The U.S. National Security Agency issued a warning that two pieces of software from Citrix Systems, which are commonly used in corporate servers, had major vulnerabilities that were being actively exploited by APT 5.
Suspected victims
  • Users of Citrix Systems' application delivery controller and Gateway endpoint
Suspected state sponsor
  • China
Type of incident
  • Espionage
Target category
  • Private sector
Victim government reaction
  • Unknown
Policy response
Suspected state sponsor response