Security Researchers at Positive Technologies disclosed a vulnerability identified as CVE-2019-19781 that affects Citrix Application Delivery Controllers. Successful exploitation can be executed in one minute which has Positive Technologies giving the exploit a maximum 10 score on the CVSS scale. This vulnerability is a remote code execution vulnerability which allows an attacker to execute code remotely without authentication.
At this time, the Masergy Threat Intelligence Team is aware of proof-of-concept exploits being developed by security researchers and are tracking reports of in-the-wild scanning for this vulnerability. We will continue to monitor the situation. We assess that it is highly likely that actors will pursue the development of exploits for this vulnerability.
- CVE-2019-19781 – remote code execution vulnerability in Citrix Application Delivery Controller & Citrix Gateway (CVSS: 9.8)
- Citrix ADC and Citrix Gateway version 13.0 all supported builds
- Citrix ADC and NetScaler Gateway version 12.1 all supported builds
- Citrix ADC and NetScaler Gateway version 12.0 all supported builds
- Citrix ADC and NetScaler Gateway version 11.1 all supported builds
- Citrix NetScaler ADC and NetScaler Gateway version 10.5 all supported builds
We recommend the following actions be taken:
- Perform the mitigation steps that Citirix has outlined here
- Subscribe to the bulletin alerts that Citrix provides to be notified as soon as the firmware patch is available.
At this time, Citrix has not released a firmware patch for the vulnerability.