A newly revealed flaw affecting the Citrix Application Delivery Controller and the Citrix Gateway could expose the networks of over 80,000 companies to hacking attacks.

Currently tracked as CVE-2019-19781, the flaw could let remote attackers access a firm’s internal network without requiring authentication.

If successfully exploited, it leads to arbitrary code execution, according to Positive Technologies security expert Mikhail Klyuchnikov, who revealed the flaw.

Positive Technologies security experts discovered that “at least 80,000 companies in 158 countries are potentially at risk,” with the top 5 countries being “the United States (the absolute leader, with over 38 percent of all vulnerable organizations), the UK, Germany, the Netherlands, and Australia.”

While Citrix has not yet issued new firmware to address this security problem, the company has published a set of mitigation measures for standalone systems and clusters in a knowledge base article, and it strongly advises affected customers to apply them as soon as possible.

“Customers should then upgrade all of their vulnerable appliances to a fixed version of the appliance firmware when released,” Citrix also says.

To be notified when updated firmware is available for the affected Citrix products, customers are also advised to subscribe to bulletin alerts.

Affected products and platforms

According to Citrix, the CVE-2019-19781 vulnerability affects all supported product versions and all supported platforms.

“Citrix applications are widely used in corporate networks. This includes their use for providing terminal access of employees to internal company applications from any device via the Internet,” Positive Technologies’ Director of Security Audit Department Dmitry Serebryannikov said.

“Considering the high risk brought by the discovered vulnerability, and how widespread Citrix software is in the business community, we recommend information security professionals take immediate steps to mitigate the threat.”
