A researcher has discovered a critical vulnerability in Citrix products that risked thousands of businesses around the world. Exploiting the vulnerability could allow an attacker to gain access to a company’s network without authentication.
Citrix Vulnerability Could Allow Unauthorized Access
A security researcher from Positive Technologies, Mikhail Klyuchnikov, discovered a serious security bug in Citrix products. Specifically, he found the vulnerability affecting the Citrix Application Delivery Controller (NetScaler ADC) and Citrix Gateway (NetScaler Gateway).
As stated in a post, exploiting the flaw could allow an attacker to directly access the target firm’s local network without the need to compromise other accounts.
Upon finding the flaw, the researchers informed Citrix of the matter who also acknowledged their findings. Elaborating the vulnerability CVE-2019-19781 in an advisory, they stated,
A vulnerability has been identified in Citrix Application Delivery Controller (ADC) formerly known as NetScaler ADC and Citrix Gateway formerly known as NetScaler Gateway that, if exploited, could allow an unauthenticated attacker to perform arbitrary code execution.
The bug affected all supported builds of Citrix ADC and Citrix Gateway versions 11.1, 12.0, 12.1, and 13.0. Furthermore, it also affected all supported builds for Citrix NetScaler ADC and NetScaler Gateway version 10.5.
Possible Mitigations
For now, Citrix has advised mitigation steps for users to avoid potential exploit. Addressing the vulnerability in a separate post, vendors have detailed the configurations to address the bug. Users must ensure they apply these steps until the vendors release a patch for the flaw. As Citrix stated,
Citrix strongly urges affected customers to immediately apply the provided mitigation. Customers should then upgrade all of their vulnerable appliances to a fixed version of the appliance firmware when released.
According to Positive Technologies, this is certainly a high-impact flaw that potentially affects at least 80,000 firms in 158 countries. Whereas, the top 5 of the affected regions include the United States with 38% of all vulnerable businesses. Then follows the UK, Germany, the Netherlands, and Australia.
Earlier this year, Citrix also suffered a data breach that exposed explicit details of its former and current employees.
Let us know your thoughts in the comments.