Citrix Application Delivery Controller & Citrix Gateway RCE

Overview

Security researchers at Positive Technologies disclosed a vulnerability, identified as CVE-2019-19781, that affects Citrix Application Delivery Controllers. Successful exploitation can be carried out in one minute, which has led Positive Technologies to give the exploit the maximum score of 10 on the CVSS scale. This is a remote code execution vulnerability that allows an attacker to execute code remotely without authentication.

Threat Intelligence

At this time, the Masergy Threat Intelligence Team is aware of proof-of-concept exploits being developed by security researchers and is tracking reports of in-the-wild scanning for this vulnerability. We will continue to monitor the situation. We assess that it is highly likely that actors will pursue the development of exploits for this vulnerability.

Vulnerabilities

Systems Affected

Recommendations

We recommend the following actions be taken:  

Patches

At this time, Citrix has not released a firmware patch for the vulnerability.

References

Citrix:

https://support.citrix.com/article/CTX267027

https://support.citrix.com/article/CTX267679

Positive Technologies:

https://www.ptsecurity.com/ww-en/about/news/citrix-vulnerability-allows-criminals-to-hack-networks-of-80000-companies/